Potential buffer overflow vulnerabilities in the Zephyr eS-WiFi driver
CVE-2023-4259

7.1HIGH

Key Information:

Vendor: Zephyrproject-rtos
Status: Zephyr
Vendor: CVE Published:; 26 September 2023

🔔 Create Zephyrproject-rtos Vulnerability Alert

What is CVE-2023-4259?

The Zephyr eS-WiFi driver contains two potential buffer overflow vulnerabilities in its source code. These vulnerabilities could allow an attacker to manipulate memory in a way that may lead to unauthorized access or system instability. It is crucial for users of affected versions to review their security posture and apply the necessary patches or mitigations as outlined in the project’s advisory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Zephyr 1.14 < 3.4

References

https://github.com/zephyrproject-rtos/zephyr/security/adv...

http://www.openwall.com/lists/oss-security/2023/11/07/1

http://seclists.org/fulldisclosure/2023/Nov/1

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 26, 2023
Vulnerability Reserved
Aug 8, 2023

JSON

Zephyrproject-rtos

What is CVE-2023-4259?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.