CVE-2020-10023 : The shell subsystem contains a buffer overflow, whereby an adversary with physic

The shell subsystem contains a buffer overflow, whereby an adversary with physical access to the device is able to cause a memory corruption, resulting in denial of service or possibly code execution within the Zephyr kernel. See NCC-NCC-019 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.

Published 2020-05-11 23:15:12

Updated 2020-06-05 18:15:12

Source Zephyr Project

View at NVD, CVE.org

Vulnerability category: OverflowMemory CorruptionDenial of service

Products affected by CVE-2020-10023

Zephyrproject » Zephyr » Version: 2.1.0
cpe:2.3:o:zephyrproject:zephyr:2.1.0:*:*:*:*:*:*:*
Matching versions
Zephyrproject » Zephyr » Version: 1.14.1
cpe:2.3:o:zephyrproject:zephyr:1.14.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2020-10023

EPSS FAQ

0.10%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 25 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2020-10023

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
6.8	MEDIUM	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	0.9	5.9	NIST
Attack Vector: Physical Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
6.9	MEDIUM	CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H	0.3	6.0	Zephyr Project
Attack Vector: Physical Attack Complexity: High Privileges Required: Low User Interaction: Required Scope: Changed Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2020-10023

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.
Assigned by:
- nvd@nist.gov (Primary)
- vulnerabilities@zephyrproject.org (Secondary)

References for CVE-2020-10023

https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-29

[ZEPSEC-29] Shell Subsystem Contains a Buffer Overflow Vulnerability In shell_spaces_trim - Zephyr Project Security Issues
Third Party Advisory
https://github.com/zephyrproject-rtos/zephyr/pull/23646

Backport v1.14: shell: utils: Fix buffer overrun in shell_spaces_trim by ceolin · Pull Request #23646 · zephyrproject-rtos/zephyr · GitHub
Patch;Third Party Advisory
https://github.com/zephyrproject-rtos/zephyr/pull/23649

Backport v2.1: shell: utils: Fix buffer overrun in shell_spaces_trim by ceolin · Pull Request #23649 · zephyrproject-rtos/zephyr · GitHub
Patch;Third Party Advisory
https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10023

Vulnerabilities — Zephyr Project Documentation
https://github.com/zephyrproject-rtos/zephyr/pull/23304

shell: utils: Fix buffer overrun in shell_spaces_trim by ceolin · Pull Request #23304 · zephyrproject-rtos/zephyr · GitHub
Patch;Third Party Advisory

Jump to

Vulnerability Details : CVE-2020-10023

Products affected by CVE-2020-10023

Exploit prediction scoring system (EPSS) score for CVE-2020-10023

CVSS scores for CVE-2020-10023

CWE ids for CVE-2020-10023

References for CVE-2020-10023