CVE-2023-1380

moderate-risk

Published 2023-03-27

A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.

Do I need to act?

0.02% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.1/10 High

LOCAL / LOW complexity

Affected Products (20)

Enterprise Linux

Linux Kernel

H500S Firmware

H700S Firmware

H410S Firmware

H410C Firmware

H300S Firmware

Debian Linux

Ubuntu Linux

Affected Vendors

Debian Redhat Linux Canonical Netapp

References (18)

Third Party Advisory http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LS...

Third Party Advisory http://packetstormsecurity.com/files/173757/Kernel-Live-Patch-Security-Notice-LS...

Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=2177883

Mailing List https://lists.debian.org/debian-lts-announce/2023/07/msg00030.html

Mailing List https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html

Patch https://lore.kernel.org/linux-wireless/20230309104457.22628-1-jisoo.jang%40yonse...

Third Party Advisory https://security.netapp.com/advisory/ntap-20230511-0001/

Third Party Advisory https://www.debian.org/security/2023/dsa-5480

Mailing List https://www.openwall.com/lists/oss-security/2023/03/14/1