CVE-2023-1380

Published: Mar 27, 2023Modified: Nov 21, 2024

7.1

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Exploitability: 1.8 / Impact: 5.2

Source: NVD

Description

A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.

Affected (29)

Products: Redhat: Enterprise Linux · Linux: Linux Kernel · Netapp: H500s Firmware, H700s Firmware, H410s Firmware, H410c Firmware, H300s Firmware · +2 more

Show all products

Redhat: Enterprise Linux · Linux: Linux Kernel · Netapp: H500s Firmware, H700s Firmware, H410s Firmware, H410c Firmware, H300s Firmware · Debian: Debian Linux · Canonical: Ubuntu Linux

1 product

1 product

5 products

1 product

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 8.0
Redhat Enterprise Linux	Version 9.0

Configuration B

15 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 3.2.1 to 4.14.315
Linux Linux Kernel	From 4.19 to 4.19.283
Linux Linux Kernel	From 5.10 to 5.10.180
Linux Linux Kernel	From 5.15 to 5.15.110
Linux Linux Kernel	From 5.4 to 5.4.243
Linux Linux Kernel	From 6.1 to 6.1.27
Linux Linux Kernel	From 6.2 to 6.2.14
Linux Linux Kernel	Version 6.3
Linux Linux Kernel	Version 6.3 rc1
Linux Linux Kernel	Version 6.3 rc2
Linux Linux Kernel	Version 6.3 rc3
Linux Linux Kernel	Version 6.3 rc4
Linux Linux Kernel	Version 6.3 rc5
Linux Linux Kernel	Version 6.3 rc6
Linux Linux Kernel	Version 6.3 rc7

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H500s Firmware	All versions

Running on/with	Platform Versions
Netapp H500s	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H700s Firmware	All versions

Running on/with	Platform Versions
Netapp H700s	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H410s Firmware	All versions

Running on/with	Platform Versions
Netapp H410s	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H410c Firmware	All versions

Running on/with	Platform Versions
Netapp H410c	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Netapp H300s Firmware	All versions

Running on/with	Platform Versions
Netapp H300s	All versions

Configuration H

2 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0
Debian Debian Linux	Version 11.0

Configuration I

5 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 20.04
Canonical Ubuntu Linux	Version 22.04