CVE-2023-5184 - Vulnerability Details

Vendors	Products
Zephyrproject	Zephyr

Link	Providers
http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html
http://seclists.org/fulldisclosure/2023/Nov/1
http://www.openwall.com/lists/oss-security/2023/11/07/1
https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8x3p-q3r5-xh9g

Type	Values Removed	Values Added
Description	Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers.	Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers.

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-5184", "assignerOrgId": "e2e69745-5e70-4e92-8431-deb5529a81ad", "state": "PUBLISHED", "assignerShortName": "zephyr", "dateReserved": "2023-09-25T19:53:12.084Z", "datePublished": "2023-09-27T17:26:51.660Z", "dateUpdated": "2025-02-13T17:19:55.558Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "packageName": "Zephyr", "product": "Zephyr", "repo": "https://github.com/zephyrproject-rtos/zephyr", "vendor": "zephyrproject-rtos", "versions": [{"lessThanOrEqual": "3.4", "status": "affected", "version": "*", "versionType": "git"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<span style=\"background-color: rgb(255, 255, 255);\">&nbsp;Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers.</span><br>"}], "value": "Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers."}], "impacts": [{"capecId": "CAPEC-100", "descriptions": [{"lang": "en", "value": "CAPEC-100 Overflow Buffers"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-120", "description": "CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-195", "description": "CWE-195 Signed to Unsigned Conversion Error", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "e2e69745-5e70-4e92-8431-deb5529a81ad", "shortName": "zephyr", "dateUpdated": "2023-11-14T03:06:26.619Z"}, "references": [{"url": "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8x3p-q3r5-xh9g"}, {"url": "http://www.openwall.com/lists/oss-security/2023/11/07/1"}, {"url": "http://seclists.org/fulldisclosure/2023/Nov/1"}, {"url": "http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html"}], "source": {"discovery": "UNKNOWN"}, "title": "Potential signed to unsigned conversion errors and buffer overflow vulnerabilities in the Zephyr IPM driver", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:52:08.249Z"}, "title": "CVE Program Container", "references": [{"url": "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8x3p-q3r5-xh9g", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/11/07/1", "tags": ["x_transferred"]}, {"url": "http://seclists.org/fulldisclosure/2023/Nov/1", "tags": ["x_transferred"]}, {"url": "http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html", "tags": ["x_transferred"]}]}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2023-5184 (string)

assignerOrgId : e2e69745-5e70-4e92-8431-deb5529a81ad (string)

state : PUBLISHED (string)

assignerShortName : zephyr (string)

dateReserved : 2023-09-25T19:53:12.084Z (string)

datePublished : 2023-09-27T17:26:51.660Z (string)

dateUpdated : 2025-02-13T17:19:55.558Z (string)

}

containers : { »

cna : { »

affected : [ »

0 : { »

defaultStatus : unaffected (string)

packageName : Zephyr (string)

product : Zephyr (string)

repo : https://github.com/zephyrproject-rtos/zephyr (string)

vendor : zephyrproject-rtos (string)

versions : [ »

0 : { »

lessThanOrEqual : 3.4 (string)

status : affected (string)

version : * (string)

versionType : git (string)

}

]

}

]

descriptions : [ »

0 : { »

lang : en (string)

supportingMedia : [ »

0 : { »

base64 : false (boolean)

type : text/html (string)

value : <span style="background-color: rgb(255, 255, 255);"> Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers.</span><br> (string)

}

]

value : Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers. (string)

}

]

impacts : [ »

0 : { »

capecId : CAPEC-100 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : CAPEC-100 Overflow Buffers (string)

}

]

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

attackComplexity : HIGH (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7 (number)

baseSeverity : HIGH (string)

confidentialityImpact : LOW (string)

integrityImpact : LOW (string)

privilegesRequired : LOW (string)

scope : CHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H (string)

version : 3.1 (string)

}

format : CVSS (string)

scenarios : [ »

0 : { »

lang : en (string)

value : GENERAL (string)

}

]

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

cweId : CWE-120 (string)

description : CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (string)

lang : en (string)

type : CWE (string)

}

]

}

1 : { »

descriptions : [ »

0 : { »

cweId : CWE-195 (string)

description : CWE-195 Signed to Unsigned Conversion Error (string)

lang : en (string)

type : CWE (string)

}

]

}

]

providerMetadata : { »

orgId : e2e69745-5e70-4e92-8431-deb5529a81ad (string)

shortName : zephyr (string)

dateUpdated : 2023-11-14T03:06:26.619Z (string)

}

references : [ »

0 : { »

url : https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8x3p-q3r5-xh9g (string)

}

1 : { »

url : http://www.openwall.com/lists/oss-security/2023/11/07/1 (string)

}

2 : { »

url : http://seclists.org/fulldisclosure/2023/Nov/1 (string)

}

3 : { »

url : http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html (string)

}

]

source : { »

discovery : UNKNOWN (string)

}

title : Potential signed to unsigned conversion errors and buffer overflow vulnerabilities in the Zephyr IPM driver (string)

x_generator : { »

engine : Vulnogram 0.1.0-dev (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T07:52:08.249Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8x3p-q3r5-xh9g (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : http://www.openwall.com/lists/oss-security/2023/11/07/1 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : http://seclists.org/fulldisclosure/2023/Nov/1 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:*", "matchCriteriaId": "51CECB97-3A81-4A54-AA0A-DB2A1DE18CF2", "versionEndIncluding": "3.4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers."}, {"lang": "es", "value": "Dos posibles errores de conversi\u00f3n de firmados a no firmados y vulnerabilidades de desbordamiento del b\u00fafer en las siguientes ubicaciones en los controladores Zephyr IPM."}], "id": "CVE-2023-5184", "lastModified": "2025-02-13T18:15:55.643", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 1.1, "impactScore": 5.3, "source": "vulnerabilities@zephyrproject.org", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-09-27T18:15:11.997", "references": [{"source": "vulnerabilities@zephyrproject.org", "tags": ["Exploit", "Third Party Advisory"], "url": "http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html"}, {"source": "vulnerabilities@zephyrproject.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Nov/1"}, {"source": "vulnerabilities@zephyrproject.org", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2023/11/07/1"}, {"source": "vulnerabilities@zephyrproject.org", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8x3p-q3r5-xh9g"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2023/Nov/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2023/11/07/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8x3p-q3r5-xh9g"}], "sourceIdentifier": "vulnerabilities@zephyrproject.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-120"}, {"lang": "en", "value": "CWE-195"}], "source": "vulnerabilities@zephyrproject.org", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-120"}, {"lang": "en", "value": "CWE-681"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:zephyrproject:zephyr:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 51CECB97-3A81-4A54-AA0A-DB2A1DE18CF2 (string)

versionEndIncluding : 3.4.0 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers. (string)

}

1 : { »

lang : es (string)

value : Dos posibles errores de conversión de firmados a no firmados y vulnerabilidades de desbordamiento del búfer en las siguientes ubicaciones en los controladores Zephyr IPM. (string)

}

]

id : CVE-2023-5184 (string)

lastModified : 2025-02-13T18:15:55.643 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : HIGH (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7 (number)

baseSeverity : HIGH (string)

confidentialityImpact : LOW (string)

integrityImpact : LOW (string)

privilegesRequired : LOW (string)

scope : CHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 1.1 (number)

impactScore : 5.3 (number)

source : vulnerabilities@zephyrproject.org (string)

type : Secondary (string)

}

1 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 8.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : LOW (string)

scope : CHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 2 (number)

impactScore : 6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2023-09-27T18:15:11.997 (string)

references : [ »

0 : { »

source : vulnerabilities@zephyrproject.org (string)

tags : [ »

0 : Exploit (string)

1 : Third Party Advisory (string)

]

url : http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html (string)

}

1 : { »

source : vulnerabilities@zephyrproject.org (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://seclists.org/fulldisclosure/2023/Nov/1 (string)

}

2 : { »

source : vulnerabilities@zephyrproject.org (string)

tags : [ »

0 : Mailing List (string)

]

url : http://www.openwall.com/lists/oss-security/2023/11/07/1 (string)

}

3 : { »

source : vulnerabilities@zephyrproject.org (string)

tags : [ »

0 : Exploit (string)

1 : Vendor Advisory (string)

]

url : https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8x3p-q3r5-xh9g (string)

}

4 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

1 : Third Party Advisory (string)

]

url : http://packetstormsecurity.com/files/175657/Zephyr-RTOS-3.x.0-Buffer-Overflows.html (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

1 : Third Party Advisory (string)

]

url : http://seclists.org/fulldisclosure/2023/Nov/1 (string)

}

6 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mailing List (string)

]

url : http://www.openwall.com/lists/oss-security/2023/11/07/1 (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

1 : Vendor Advisory (string)

]

url : https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8x3p-q3r5-xh9g (string)

}

]

sourceIdentifier : vulnerabilities@zephyrproject.org (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-120 (string)

}

1 : { »

lang : en (string)

value : CWE-195 (string)

}

]

source : vulnerabilities@zephyrproject.org (string)

type : Secondary (string)

}

1 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-120 (string)

}

1 : { »

lang : en (string)

value : CWE-681 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object