CVE-2023-4163

Description

In Brocade Fabric OS before v9.2.0a, a local authenticated privileged user can trigger a buffer overflow condition, leading to a kernel panic with large input to buffers in the portcfgfportbuffers command.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

Affected products

Brocade / Brocade Fabric OSFabric OS before v9.2.0a – Fabric OS before v9.2.0a

References

VENDOR_ADVISORYhttps://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/22514
MISChttps://security.netapp.com/advisory/ntap-20231130-0001/