CVE-2023-3725

Summary

Potential buffer overflow vulnerability in the Zephyr CAN bus subsystem

Affected Software

VendorProductVersion RangeStatus
zephyrproject-rtosZephyr* <= 3.4affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • CWE-121: CWE-121 Stack-based Buffer Overflow A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References