CVE-2023-4259

Summary

Two potential buffer overflow vulnerabilities at the following locations in the Zephyr eS-WiFi driver source code.

Affected Software

VendorProductVersion RangeStatus
zephyrproject-rtosZephyr1.14 < 3.4affected

Weaknesses

  • CWE-120: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • CWE-193: CWE-193 Off-by-one Error

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References