CVE-2023-28772

medium

Description

An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.

References

https://security.netapp.com/advisory/ntap-20230427-0005/

https://lore.kernel.org/lkml/20210625122453.5e2fe304%40oasis.local.home/

https://lkml.kernel.org/r/20210626032156.47889-1-yun.zhou%40windriver.com

https://github.com/torvalds/linux/commit/d3b16034a24a112bb83aeb669ac5b9b01f744bb7

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3

Details

Source: Mitre, NVD

Published: 2023-03-23

Updated: 2025-05-05

Risk Information

CVSS v2

Base Score: 6.5

Vector: CVSS2#AV:L/AC:L/Au:M/C:C/I:C/A:C

Severity: Medium

CVSS v3

Base Score: 6.7

Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Severity: Medium

EPSS

EPSS: 0.00226