Vulnerability Description
An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.
CVSS Score
6.7
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 2.6.27, < 4.4.276 |
Related Weaknesses (CWE)
References
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3Release NotesVendor Advisory
- https://github.com/torvalds/linux/commit/d3b16034a24a112bb83aeb669ac5b9b01f744bbPatchVendor Advisory
- https://lkml.kernel.org/r/20210626032156.47889-1-yun.zhou%40windriver.com
- https://lore.kernel.org/lkml/20210625122453.5e2fe304%40oasis.local.home/
- https://security.netapp.com/advisory/ntap-20230427-0005/Third Party Advisory
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3Release NotesVendor Advisory
- https://github.com/torvalds/linux/commit/d3b16034a24a112bb83aeb669ac5b9b01f744bbPatchVendor Advisory
- https://lkml.kernel.org/r/20210626032156.47889-1-yun.zhou%40windriver.com
- https://lore.kernel.org/lkml/20210625122453.5e2fe304%40oasis.local.home/
- https://security.netapp.com/advisory/ntap-20230427-0005/Third Party Advisory
FAQ
What is CVE-2023-28772?
CVE-2023-28772 is a vulnerability with a CVSS score of 6.7 (MEDIUM). An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.
How severe is CVE-2023-28772?
CVE-2023-28772 has been rated MEDIUM with a CVSS base score of 6.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-28772?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.