How severe is CVE-2023-43608?

CVE-2023-43608 has a CVSS v3 score of 8.1 (HIGH).

CVE-2023-43608

Name: buildroot
Author: buildroot

8.1HIGH

A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023.08.1 and dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary co

Publicado: 12/5/2023Atualizado: 11/4/2025

Descrição

A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023.08.1 and dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.

Análise IADesenvolvido por IA

Produtos Afetados

buildrootbuildroot

2023.08.1

Referências

http://www.openwall.com/lists/oss-security/2023/12/11/1
PatchThird Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1845
ExploitThird Party Advisory
http://www.openwall.com/lists/oss-security/2023/12/11/1
PatchThird Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1845
ExploitThird Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1845