CVE-2023-4273

A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack.

CVSS v3.0 6.7 MEDIUM

6.7^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2023-4273	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2221609	Issue Tracking Patch Third Party Advisory
https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver/	Exploit Third Party Advisory
https://access.redhat.com/errata/RHSA-2023:6583

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel:6.5:rc1::::::
	cpe:2.3:o:linux:linux_kernel:6.5:rc2::::::
	cpe:2.3:o:linux:linux_kernel:6.5:rc3::::::
	cpe:2.3:o:linux:linux_kernel:6.5:rc4::::::

Configuration 2 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:37:::::::*
	cpe:2.3:o:fedoraproject:fedora:38:::::::*

Configuration 3 (hide)

cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR	cpe:2.3:o:debian:debian_linux:11.0:::::::*
	cpe:2.3:o:debian:debian_linux:12.0:::::::*

Configuration 5 (hide)

AND

cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

History

16 Sep 2024, 11:15

Type	Values Removed	Values Added
References	{'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/', 'name': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MISC'} {'url': 'https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html', 'name': 'https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html', 'tags': ['Mailing List', 'Third Party Advisory'], 'refsource': 'MISC'} ~~{'url': 'https://www.debian.org/security/2023/dsa-5492', 'name': 'https://www.debian.org/security/2023/dsa-5492', 'tags': ['Third Party Advisory'], 'refsource': 'MISC'}~~ ~~{'url': 'https://www.debian.org/security/2023/dsa-5480', 'name': 'https://www.debian.org/security/2023/dsa-5480', 'tags': ['Third Party Advisory'], 'refsource': 'MISC'}~~ {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/', 'name': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/', 'tags': ['Mailing List'], 'refsource': 'MISC'} ~~{'url': 'https://security.netapp.com/advisory/ntap-20231027-0002/', 'name': 'https://security.netapp.com/advisory/ntap-20231027-0002/', 'tags': ['Third Party Advisory'], 'refsource': 'MISC'}~~

07 Nov 2023, 14:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2023:6583 -

02 Nov 2023, 01:43

Type	Values Removed	Values Added
First Time		Debian Netapp h410s Firmware Netapp h500s Netapp h700s Firmware Netapp h300s Debian debian Linux Netapp h410s Netapp h700s Netapp Netapp h300s Firmware Netapp h500s Firmware
References	~~(MISC) https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver/ -~~	(MISC) https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver/ - Exploit, Third Party Advisory
References	~~(MISC) https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html -~~	(MISC) https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html - Mailing List, Third Party Advisory
References	~~(MISC) https://www.debian.org/security/2023/dsa-5492 -~~	(MISC) https://www.debian.org/security/2023/dsa-5492 - Third Party Advisory
References	~~(MISC) https://www.debian.org/security/2023/dsa-5480 -~~	(MISC) https://www.debian.org/security/2023/dsa-5480 - Third Party Advisory
References	~~(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/ -~~	(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/ - Mailing List
References	~~(MISC) https://security.netapp.com/advisory/ntap-20231027-0002/ -~~	(MISC) https://security.netapp.com/advisory/ntap-20231027-0002/ - Third Party Advisory
CPE		cpe:2.3:o:debian:debian_linux:12.0:::::::* cpe:2.3:o:fedoraproject:fedora:37:::::::* cpe:2.3:h:netapp:h300s:-:::::::* cpe:2.3:o:netapp:h500s_firmware:-:::::::* cpe:2.3:o:netapp:h700s_firmware:-:::::::* cpe:2.3:h:netapp:h410s:-:::::::* cpe:2.3:o:debian:debian_linux:11.0:::::::* cpe:2.3:o:netapp:h410s_firmware:-:::::::* cpe:2.3:o:netapp:h300s_firmware:-:::::::* cpe:2.3:h:netapp:h700s:-:::::::* cpe:2.3:h:netapp:h500s:-:::::::*

27 Oct 2023, 15:15

Type	Values Removed	Values Added
References		(MISC) https://security.netapp.com/advisory/ntap-20231027-0002/ -

20 Oct 2023, 00:15

Type	Values Removed	Values Added
References		(MISC) https://www.debian.org/security/2023/dsa-5492 - (MISC) https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html -

28 Aug 2023, 16:15

Type	Values Removed	Values Added
References		(MISC) https://dfir.ru/2023/08/23/cve-2023-4273-a-vulnerability-in-the-linux-exfat-driver/ -

19 Aug 2023, 18:17

Type	Values Removed	Values Added
References		(MISC) https://www.debian.org/security/2023/dsa-5480 - (MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/344H6HO6SSC4KT7PDFXSDIXKMKHISSGF/ -

17 Aug 2023, 01:47

Type	Values Removed	Values Added
CWE		CWE-787
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.7
CPE		cpe:2.3:o:linux:linux_kernel:6.5:rc3:::::: cpe:2.3:o:linux:linux_kernel:6.5:rc4:::::: cpe:2.3:o:linux:linux_kernel:::::::: cpe:2.3:o:fedoraproject:fedora:38:::::::* cpe:2.3:o:linux:linux_kernel:6.5:rc2:::::: cpe:2.3:o:redhat:enterprise_linux:9.0:::::::* cpe:2.3:o:linux:linux_kernel:6.5:rc1::::::
References	~~(MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2221609 -~~	(MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2221609 - Issue Tracking, Patch, Third Party Advisory
References	~~(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/ -~~	(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/ - Mailing List, Third Party Advisory
References	~~(MISC) https://access.redhat.com/security/cve/CVE-2023-4273 -~~	(MISC) https://access.redhat.com/security/cve/CVE-2023-4273 - Third Party Advisory
First Time		Linux Fedoraproject fedora Redhat enterprise Linux Linux linux Kernel Redhat Fedoraproject

14 Aug 2023, 03:15

Type	Values Removed	Values Added
References		(MISC) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3TYLSJ2SAI7RF56ZLQ5CQWCJLVJSD73Q/ -

09 Aug 2023, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2023-08-09 15:15

Updated : 2024-09-16 11:15

NVD link : CVE-2023-4273

Mitre link : CVE-2023-4273

JSON object : View

Products Affected

debian

debian_linux

netapp

h500s
h410s
h300s
h700s_firmware
h500s_firmware
h410s_firmware
h700s
h300s_firmware

redhat

enterprise_linux

fedoraproject

fedora

linux

linux_kernel

CWE

CWE-787

Out-of-bounds Write

6.7 /10