CVE-2023-5941

CRITICAL

Freebsd < 12.4 - Out-of-Bounds Write

Title source: rule

Description

In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write(2) system call returns an error. Depending on the nature of an application that calls libc's stdio functions and the presence of errors returned from the write(2) system call (or an overridden stdio write routine) a heap buffer overflow may occur. Such overflows may lead to data corruption or the execution of arbitrary code at the privilege level of the calling program.

References (2)

[Vendor Advisory] https://security.netapp.com/advisory/ntap-20231214-0004/

[Vendor Advisory] https://security.freebsd.org/advisories/FreeBSD-SA-23:15.stdio.asc

Scores

CVSS v3 9.8

EPSS 0.0087

EPSS Percentile 75.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-131 CWE-787

Status published

Products (3)

freebsd/freebsd 12.4 (9 CPE variants)

freebsd/freebsd 13.2 (5 CPE variants)

freebsd/freebsd < 12.4

Published Nov 08, 2023

Tracked Since Feb 18, 2026