CVE-2023-4257

Summary

Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can cause buffer overflows.

Affected Software

VendorProductVersion RangeStatus
zephyrproject-rtosZephyr0 <= 3.4affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • CWE-131: CWE-131 Incorrect Calculation of Buffer Size

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References