CVE-2023-45841 - Vulnerability Details - OpenCVE

Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the `versal-firmware` package.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Buildroot	Buildroot

Configuration 1 [-]

cpe:2.3:a:buildroot:buildroot:2023.08.1:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2023/12/11/1
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844

History

No history.

MITRE

Status: PUBLISHED

Assigner: talos

Published: 2023-12-05T11:30:10.990Z

Updated: 2025-02-13T17:14:13.770Z

Reserved: 2023-10-13T15:53:40.298Z

Link: CVE-2023-45841

Vulnrichment

No data.

NVD

Status : Modified

Published: 2023-12-05T12:15:43.773

Modified: 2024-11-21T08:27:28.107

Link: CVE-2023-45841

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-45841", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "state": "PUBLISHED", "assignerShortName": "talos", "dateReserved": "2023-10-13T15:53:40.298Z", "datePublished": "2023-12-05T11:30:10.990Z", "dateUpdated": "2025-02-13T17:14:13.770Z"}, "containers": {"cna": {"affected": [{"vendor": "Buildroot", "product": "Buildroot", "versions": [{"version": "2023.08.1", "status": "affected"}, {"version": "dev commit 622698d7847", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the `versal-firmware` package."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-494: Download of Code Without Integrity Check", "type": "CWE", "cweId": "CWE-494"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH"}}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2023-12-11T03:06:24.953Z"}, "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844"}, {"url": "http://www.openwall.com/lists/oss-security/2023/12/11/1"}], "credits": [{"lang": "en", "value": "Discovered by Claudio Bozzato and Francesco Benvenuto of Cisco Talos."}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T20:29:32.544Z"}, "title": "CVE Program Container", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844", "tags": ["x_transferred"]}, {"url": "http://www.openwall.com/lists/oss-security/2023/12/11/1", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:buildroot:buildroot:2023.08.1:*:*:*:*:*:*:*", "matchCriteriaId": "CF734410-BA22-45F7-AD10-CB28F69D1D81", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the `versal-firmware` package."}, {"lang": "es", "value": "Existen m\u00faltiples vulnerabilidades de integridad de datos en la funcionalidad de verificaci\u00f3n de hash del paquete de Buildroot 2023.08.1 y el commit de desarrollo de Buildroot 622698d7847. Un ataque de intermediario especialmente manipulado puede provocar la ejecuci\u00f3n de comandos arbitrarios en el generador. Esta vulnerabilidad est\u00e1 relacionada con el paquete \"versal-firmware\"."}], "id": "CVE-2023-45841", "lastModified": "2024-11-21T08:27:28.107", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "talos-cna@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-05T12:15:43.773", "references": [{"source": "talos-cna@cisco.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/12/11/1"}, {"source": "talos-cna@cisco.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/12/11/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2023-1844"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-494"}], "source": "talos-cna@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-494"}], "source": "nvd@nist.gov", "type": "Primary"}]}