CVE-2023-32820
02.10.2023, 03:15
In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637.Enginsight
| Vendor | Product | Version |
|---|---|---|
| linuxfoundation | yocto | 3.1 |
| linuxfoundation | yocto | 3.3 |
| mediatek | iot_yocto | 23.0 |
| android | 11.0 | |
| android | 12.0 | |
| android | 13.0 | |
| linux | linux_kernel | 4.19 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-617 - Reachable AssertionThe product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.
- CWE-20 - Improper Input ValidationThe product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.