9.8

CVE-2023-5941

In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write(2) system call returns an error.  Depending on the nature of an application that calls libc's stdio functions and the presence of errors returned from the write(2) system call (or an overridden stdio write routine) a heap buffer overflow may occur.  Such overflows may lead to data corruption or the execution of arbitrary code at the privilege level of the calling program.

Data is provided by the National Vulnerability Database (NVD)
FreebsdFreebsd Version < 12.4
FreebsdFreebsd Version >= 13.0 < 13.2
FreebsdFreebsd Version12.4 Update-
FreebsdFreebsd Version12.4 Updatep1
FreebsdFreebsd Version12.4 Updatep2
FreebsdFreebsd Version12.4 Updatep3
FreebsdFreebsd Version12.4 Updatep4
FreebsdFreebsd Version12.4 Updatep5
FreebsdFreebsd Version12.4 Updatep6
FreebsdFreebsd Version12.4 Updaterc2-p1
FreebsdFreebsd Version12.4 Updaterc2-p2
FreebsdFreebsd Version13.2 Update-
FreebsdFreebsd Version13.2 Updatep1
FreebsdFreebsd Version13.2 Updatep2
FreebsdFreebsd Version13.2 Updatep3
FreebsdFreebsd Version13.2 Updatep4
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.67% 0.705
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE-131 Incorrect Calculation of Buffer Size

The product does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.

CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.