CVE-2023-5941: libc stdio buffer overflow
First published: Wed Nov 08 2023(Updated: )
In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write(2) system call returns an error. Depending on the nature of an application that calls libc's stdio functions and the presence of errors returned from the write(2) system call (or an overridden stdio write routine) a heap buffer overflow may occur. Such overflows may lead to data corruption or the execution of arbitrary code at the privilege level of the calling program.
Credit: secteam@freebsd.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| FreeBSD FreeBSD | <12.4 | |
| FreeBSD FreeBSD | >=13.0<13.2 | |
| FreeBSD FreeBSD | =12.4 | |
| FreeBSD FreeBSD | =12.4-p1 | |
| FreeBSD FreeBSD | =12.4-p2 | |
| FreeBSD FreeBSD | =12.4-p3 | |
| FreeBSD FreeBSD | =12.4-p4 | |
| FreeBSD FreeBSD | =12.4-p5 | |
| FreeBSD FreeBSD | =12.4-p6 | |
| FreeBSD FreeBSD | =12.4-rc2-p1 | |
| FreeBSD FreeBSD | =12.4-rc2-p2 | |
| FreeBSD FreeBSD | =13.2 | |
| FreeBSD FreeBSD | =13.2-p1 | |
| FreeBSD FreeBSD | =13.2-p2 | |
| FreeBSD FreeBSD | =13.2-p3 | |
| FreeBSD FreeBSD | =13.2-p4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-5941?
CVE-2023-5941 is a vulnerability in the libc library on FreeBSD systems.
How severe is CVE-2023-5941?
CVE-2023-5941 has a severity score of 9.8, which is considered critical.
Which versions of FreeBSD are affected by CVE-2023-5941?
Versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 are affected by CVE-2023-5941.
What is the impact of CVE-2023-5941?
CVE-2023-5941 allows an attacker to cause a buffer overflow in the libc stdio function, potentially leading to arbitrary code execution or a denial of service.
Where can I find more information about CVE-2023-5941?
You can find more information about CVE-2023-5941 in the FreeBSD Security Advisory FreeBSD-SA-23:15.stdio.asc.
- agent/author
- agent/description
- agent/epss
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness
- collector/epss-latest
- source/FIRST
- collector/mitre-cve
- collector/nvd-api
- vendor/freebsd
- canonical/freebsd freebsd
- version/freebsd freebsd/13.0
- version/freebsd freebsd/12.4
- version/freebsd freebsd/12.4-p1
- version/freebsd freebsd/12.4-p2
- version/freebsd freebsd/12.4-p3
- version/freebsd freebsd/12.4-p4
- version/freebsd freebsd/12.4-p5
- version/freebsd freebsd/12.4-p6
- version/freebsd freebsd/12.4-rc2-p1
- version/freebsd freebsd/12.4-rc2-p2
- version/freebsd freebsd/13.2
- version/freebsd freebsd/13.2-p1
- version/freebsd freebsd/13.2-p2
- version/freebsd freebsd/13.2-p3
- version/freebsd freebsd/13.2-p4