How severe is CVE-2023-5563?

CVE-2023-5563 has a CVSS v3 score of 7.1 (HIGH).

CVE-2023-5563

Name: zephyr
Author: zephyrproject

7.1HIGH

The SJA1000 CAN controller driver backend automatically attempt to recover from a bus-off event when built with CONFIG_CAN_AUTO_BUS_OFF_RECOVERY=y. This results in calling k_sleep() in IRQ context, ca

게시됨: 10/13/2023업데이트됨: 11/21/2024

설명

The SJA1000 CAN controller driver backend automatically attempt to recover from a bus-off event when built with CONFIG_CAN_AUTO_BUS_OFF_RECOVERY=y. This results in calling k_sleep() in IRQ context, causing a fatal exception.

AI 분석AI 기반

영향받는 제품

zephyrprojectzephyr

참조

https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-98mc-rj7w-7rpv
Vendor Advisory
https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-98mc-rj7w-7rpv
Vendor Advisory