Vulnerability Details CVE-2023-40216
OpenBSD 7.3 before errata 014 is missing an argument-count bounds check in console terminal emulation. This could cause incorrect memory access and a kernel crash after receiving crafted DCS or CSI terminal escape sequences.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.4%
CVSS Severity
CVSS v3 Score 5.5
References
- https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/014_wscons.patch.sig
- https://github.com/openbsd/src/commit/9d3f688f46eba347e96ff0ae9506ef2061622e0c
- https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/014_wscons.patch.sig
- https://github.com/openbsd/src/commit/9d3f688f46eba347e96ff0ae9506ef2061622e0c