OpenBSD 7.4 and 7.3 m_split() network buffer kernel crash
CVE-2023-52558

Currently unrated

Key Information:

Vendor: OpenBSD
Status: OpenBSD
Vendor: CVE Published:; 1 March 2024

Summary

In OpenBSD 7.4 before errata 002 and OpenBSD 7.3 before errata 019, a network buffer that had to be split at certain length that could crash the kernel after receiving specially crafted escape sequences.

Affected Version(s)

OpenBSD 7.3

OpenBSD 7.3 < 7.3 errata 019

OpenBSD 7.4 < 7.4 errata 002

References

https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/00...

https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/01...

https://github.com/openbsd/src/commit/7b4d35e0a60ba1dd4da...

Timeline

Vulnerability published
Mar 1, 2024
Vulnerability Reserved
Mar 1, 2024