CVE-2023-52558

In OpenBSD 7.4 before errata 002 and OpenBSD 7.3 before errata 019, anetwork buffer that had to be split at certain length that could crash the kernel after receiving specially crafted escape sequences.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
cisa-cgCNA
---
---
CISA-ADPADP
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
VendorProductVersion
openbsdopenbsd
𝑥
< 7.3
openbsdopenbsd
7.3
openbsdopenbsd
7.3:errata_001
openbsdopenbsd
7.3:errata_002
openbsdopenbsd
7.3:errata_003
openbsdopenbsd
7.3:errata_004
openbsdopenbsd
7.3:errata_005
openbsdopenbsd
7.3:errata_006
openbsdopenbsd
7.3:errata_007
openbsdopenbsd
7.3:errata_008
openbsdopenbsd
7.3:errata_009
openbsdopenbsd
7.3:errata_010
openbsdopenbsd
7.3:errata_011
openbsdopenbsd
7.3:errata_012
openbsdopenbsd
7.3:errata_013
openbsdopenbsd
7.3:errata_014
openbsdopenbsd
7.3:errata_015
openbsdopenbsd
7.3:errata_016
openbsdopenbsd
7.3:errata_017
openbsdopenbsd
7.3:errata_018
openbsdopenbsd
7.4
openbsdopenbsd
7.4:errata_001
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/019_msplit.patch.sig
https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/002_msplit.patch.sig
https://github.com/openbsd/src/commit/7b4d35e0a60ba1dd4daf4b1c2932020a22463a89
https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/019_msplit.patch.sig
https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/002_msplit.patch.sig
https://github.com/openbsd/src/commit/7b4d35e0a60ba1dd4daf4b1c2932020a22463a89