CVE-2023-45839 - OpenCVE

Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the `aufs-util` package.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Buildroot	Buildroot

Configuration 1 [-]

cpe:2.3:a:buildroot:buildroot:2023.08.1:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2023/12/11/1
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844

History

No history.

MITRE

Status: PUBLISHED

Assigner: talos

Published: 2023-12-05T11:30:10.770Z

Updated: 2024-08-02T20:29:32.495Z

Reserved: 2023-10-13T15:53:40.298Z

Link: CVE-2023-45839

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-12-05T12:15:43.397

Modified: 2023-12-12T01:06:18.090

Link: CVE-2023-45839

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-45839", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "state": "PUBLISHED", "assignerShortName": "talos", "dateReserved": "2023-10-13T15:53:40.298Z", "datePublished": "2023-12-05T11:30:10.770Z", "dateUpdated": "2024-08-02T20:29:32.495Z"}, "containers": {"cna": {"affected": [{"vendor": "Buildroot", "product": "Buildroot", "versions": [{"version": "2023.08.1", "status": "affected"}, {"version": "dev commit 622698d7847", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the `aufs-util` package."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-494: Download of Code Without Integrity Check", "type": "CWE", "cweId": "CWE-494"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH"}}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2023-12-05T18:00:07.371Z"}, "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844"}, {"url": "http://www.openwall.com/lists/oss-security/2023/12/11/1"}], "credits": [{"lang": "en", "value": "Discovered by Claudio Bozzato and Francesco Benvenuto of Cisco Talos."}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:29:32.495Z"}, "title": "CVE Program Container", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/12/11/1", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:buildroot:buildroot:2023.08.1:*:*:*:*:*:*:*", "matchCriteriaId": "CF734410-BA22-45F7-AD10-CB28F69D1D81", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the `aufs-util` package."}, {"lang": "es", "value": "Existen m\u00faltiples vulnerabilidades de integridad de datos en la funcionalidad de verificaci\u00f3n de hash del paquete de Buildroot 2023.08.1 y el commit de desarrollo de Buildroot 622698d7847. Un ataque de intermediario especialmente manipulado puede provocar la ejecuci\u00f3n de comandos arbitrarios en el generador. Esta vulnerabilidad est\u00e1 relacionada con el paquete `aufs-util`."}], "id": "CVE-2023-45839", "lastModified": "2023-12-12T01:06:18.090", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "talos-cna@cisco.com", "type": "Secondary"}]}, "published": "2023-12-05T12:15:43.397", "references": [{"source": "talos-cna@cisco.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/12/11/1"}, {"source": "talos-cna@cisco.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-494"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-494"}], "source": "talos-cna@cisco.com", "type": "Secondary"}]}