CVE-2023-4273

A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack.

CVSS v3 6.7 MEDIUM

6.7^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2023:6583
https://access.redhat.com/security/cve/CVE-2023-4273	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2221609	Issue Tracking Patch Third Party Advisory
https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver/	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.5:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.5:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.5:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.5:rc4::::::

Configuration 2 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:37:::::::*
	cpe:2.3:o:fedoraproject:fedora:38:::::::*

Configuration 3 (hide)

cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR	cpe:2.3:o:debian:debian_linux:11.0:::::::*
	cpe:2.3:o:debian:debian_linux:12.0:::::::*

Configuration 5 (hide)

AND

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

History

16 Sep 2024, 11:15

Type	Values Removed	Values Added
References	~~{'url': 'https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html', 'tags': ['Mailing List', 'Third Party Advisory'], 'source': 'secalert@redhat.com'}~~ ~~{'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/', 'tags': ['Mailing List'], 'source': 'secalert@redhat.com'}~~ {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/', 'tags': ['Mailing List', 'Third Party Advisory'], 'source': 'secalert@redhat.com'} ~~{'url': 'https://security.netapp.com/advisory/ntap-20231027-0002/', 'tags': ['Third Party Advisory'], 'source': 'secalert@redhat.com'}~~ ~~{'url': 'https://www.debian.org/security/2023/dsa-5480', 'tags': ['Third Party Advisory'], 'source': 'secalert@redhat.com'}~~ ~~{'url': 'https://www.debian.org/security/2023/dsa-5492', 'tags': ['Third Party Advisory'], 'source': 'secalert@redhat.com'}~~

07 Nov 2023, 14:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2023:6583 -

02 Nov 2023, 01:43

Type	Values Removed	Values Added
First Time		Debian debian Linux Netapp h300s Firmware Netapp h300s Netapp h700s Firmware Netapp Netapp h410s Netapp h500s Firmware Debian Netapp h410s Firmware Netapp h500s Netapp h700s
CPE		cpe:2.3:h:netapp:h300s:-:::::::* cpe:2.3:o:netapp:h500s_firmware:-:::::::* cpe:2.3:o:debian:debian_linux:11.0:::::::* cpe:2.3:o:netapp:h300s_firmware:-:::::::* cpe:2.3:o:netapp:h700s_firmware:-:::::::* cpe:2.3:h:netapp:h500s:-:::::::* cpe:2.3:o:fedoraproject:fedora:37:::::::* cpe:2.3:o:debian:debian_linux:12.0:::::::* cpe:2.3:h:netapp:h410s:-:::::::* cpe:2.3:o:netapp:h410s_firmware:-:::::::* cpe:2.3:h:netapp:h700s:-:::::::*
References	~~(MISC) https://www.debian.org/security/2023/dsa-5480 -~~	(MISC) https://www.debian.org/security/2023/dsa-5480 - Third Party Advisory
References	~~(MISC) https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html -~~	(MISC) https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html - Mailing List, Third Party Advisory
References	~~(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/ -~~	(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/ - Mailing List
References	~~(MISC) https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver/ -~~	(MISC) https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver/ - Exploit, Third Party Advisory
References	~~(MISC) https://www.debian.org/security/2023/dsa-5492 -~~	(MISC) https://www.debian.org/security/2023/dsa-5492 - Third Party Advisory
References	~~(MISC) https://security.netapp.com/advisory/ntap-20231027-0002/ -~~	(MISC) https://security.netapp.com/advisory/ntap-20231027-0002/ - Third Party Advisory

27 Oct 2023, 15:15

Type	Values Removed	Values Added
References		(MISC) https://security.netapp.com/advisory/ntap-20231027-0002/ -

20 Oct 2023, 00:15

Type	Values Removed	Values Added
References		(MISC) https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html -

10 Sep 2023, 12:16

Type	Values Removed	Values Added
References		(MISC) https://www.debian.org/security/2023/dsa-5492 -

28 Aug 2023, 16:15

Type	Values Removed	Values Added
References		(MISC) https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver/ -

19 Aug 2023, 18:17

Type	Values Removed	Values Added
References		(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/ - (MISC) https://www.debian.org/security/2023/dsa-5480 -

17 Aug 2023, 01:47

Type	Values Removed	Values Added
CPE		cpe:2.3:o:linux:linux_kernel:6.5:rc4:::::: cpe:2.3:o:linux:linux_kernel:6.5:rc1:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:linux:linux_kernel:6.5:rc3:::::: cpe:2.3:o:redhat:enterprise_linux:9.0:::::::* cpe:2.3:o:linux:linux_kernel:6.5:rc2:::::: cpe:2.3:o:fedoraproject:fedora:38:::::::*
References	~~(MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2221609 -~~	(MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2221609 - Issue Tracking, Patch, Third Party Advisory
References	~~(MISC) https://access.redhat.com/security/cve/CVE-2023-4273 -~~	(MISC) https://access.redhat.com/security/cve/CVE-2023-4273 - Third Party Advisory
References	~~(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/ -~~	(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/ - Mailing List, Third Party Advisory
First Time		Fedoraproject Linux Redhat Linux linux Kernel Fedoraproject fedora Redhat enterprise Linux
CWE		CWE-787
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.7

14 Aug 2023, 03:15

Type	Values Removed	Values Added
References		(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/ -

09 Aug 2023, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-08-09 15:15

Updated : 2024-09-16 11:15

NVD link : CVE-2023-4273

Mitre link : CVE-2023-4273

CVE.ORG link : CVE-2023-4273

JSON object : View

Products Affected

netapp

h700s
h300s
h300s_firmware
h410s_firmware
h500s
h700s_firmware
h410s
h500s_firmware

redhat

enterprise_linux

linux

linux_kernel

debian

debian_linux

fedoraproject

fedora

CWE

CWE-787

Out-of-bounds Write

CWE-121

Stack-based Buffer Overflow

6.7 /10