CVE-2023-40216
MEDIUMOpenbsd - Missing Authorization
Title source: ruleDescription
OpenBSD 7.3 before errata 014 is missing an argument-count bounds check in console terminal emulation. This could cause incorrect memory access and a kernel crash after receiving crafted DCS or CSI terminal escape sequences.
Scores
CVSS v3
5.5
EPSS
0.0004
EPSS Percentile
11.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Classification
CWE
CWE-862
Status
published
Affected Products (14)
openbsd/openbsd
openbsd/openbsd
openbsd/openbsd
openbsd/openbsd
openbsd/openbsd
openbsd/openbsd
openbsd/openbsd
openbsd/openbsd
openbsd/openbsd
openbsd/openbsd
openbsd/openbsd
openbsd/openbsd
openbsd/openbsd
openbsd/openbsd
Timeline
Published
Aug 10, 2023
Tracked Since
Feb 18, 2026