Vulnerability Details : CVE-2023-4273
Potential exploit
A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack.
Products affected by CVE-2023-4273
- cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:12.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.5:rc1:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.5:rc2:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.5:rc3:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:6.5:rc4:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
- cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-4273
- EPSS score: 0.04% (probability of exploitation activity in the next 30 days)
- Percentile: ~13% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2023-4273
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.7 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H | 0.8 | 5.9 | NIST | |
6.0 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N | 0.8 | 5.2 | Red Hat, Inc. | |
CWE ids for CVE-2023-4273
- A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function). Assigned by: secalert@redhat.com (Secondary)
- The product writes data past the end, or before the beginning, of the intended buffer. Assigned by: nvd@nist.gov (Primary)
References for CVE-2023-4273
- https://www.debian.org/security/2023/dsa-5480
  Debian -- Security Information -- DSA-5480-1 linux (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2023:6583
  RHSA-2023:6583 - Security Advisory - Red Hat Customer Portal
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/
  [SECURITY] Fedora 38 Update: kernel-6.4.10-200.fc38 - package-announce - Fedora Mailing-Lists (Mailing List; Third Party Advisory)
- https://www.debian.org/security/2023/dsa-5492
  Debian -- Security Information -- DSA-5492-1 linux (Third Party Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=2221609
  2221609 – (CVE-2023-4273) CVE-2023-4273 kernel: exFAT: stack overflow in exfat_get_uniname_from_ext_entry (Issue Tracking; Patch; Third Party Advisory)
- https://security.netapp.com/advisory/ntap-20231027-0002/
  August 2023 Linux Kernel 6.5-rc5 Vulnerabilities in NetApp Products | NetApp Product Security (Third Party Advisory)
- https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver/
  CVE-2023-4273: a vulnerability in the Linux exFAT driver – My DFIR Blog (Exploit; Third Party Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/
  [SECURITY] Fedora 37 Update: kernel-6.4.10-100.fc37 - package-announce - Fedora Mailing-Lists (Mailing List)
- https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html
  [SECURITY] [DLA 3623-1] linux-5.10 security update (Mailing List; Third Party Advisory)
- https://access.redhat.com/security/cve/CVE-2023-4273
  CVE-2023-4273 - Red Hat Customer Portal (Third Party Advisory)