CVE-2023-1380 — HIGH (7.1) — White Hats Nepal

Vulnerability Description

A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.

CVSS Score

7.1

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Redhat	Enterprise Linux	8.0
Linux	Linux Kernel	>= 3.2.1, < 4.14.315
Netapp	H500S Firmware	-
Netapp	H500S	-
Netapp	H700S Firmware	-
Netapp	H700S	-
Netapp	H410S Firmware	-
Netapp	H410S	-
Netapp	H410C Firmware	-
Netapp	H410C	-
Netapp	H300S Firmware	-
Netapp	H300S	-
Debian	Debian Linux	10.0
Canonical	Ubuntu Linux	14.04

Related Weaknesses (CWE)

CWE-125

References

http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LSThird Party AdvisoryVDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=2177883Issue TrackingMitigationPatch
https://lists.debian.org/debian-lts-announce/2023/07/msg00030.htmlMailing ListThird Party Advisory
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.htmlMailing ListThird Party Advisory
https://lore.kernel.org/linux-wireless/20230309104457.22628-1-jisoo.jang%40yonsePatch
https://security.netapp.com/advisory/ntap-20230511-0001/Third Party Advisory
https://www.debian.org/security/2023/dsa-5480Third Party Advisory
https://www.openwall.com/lists/oss-security/2023/03/14/1Mailing ListThird Party Advisory
http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSThird Party AdvisoryVDB Entry
http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LSThird Party AdvisoryVDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=2177883Issue TrackingMitigationPatch
https://lists.debian.org/debian-lts-announce/2023/07/msg00030.htmlMailing ListThird Party Advisory
https://lists.debian.org/debian-lts-announce/2023/10/msg00027.htmlMailing ListThird Party Advisory
https://lore.kernel.org/linux-wireless/20230309104457.22628-1-jisoo.jang%40yonsePatch

FAQ

What is CVE-2023-1380?

CVE-2023-1380 is a vulnerability with a CVSS score of 7.1 (HIGH). A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len da...

How severe is CVE-2023-1380?

CVE-2023-1380 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-1380?

Check the references section above for vendor advisories and patch information. Affected products include: Redhat Enterprise Linux, Linux Linux Kernel, Netapp H500S Firmware, Netapp H500S, Netapp H700S Firmware.