Vulnerability-Lookup

CVE-2023-28448 (GCVE-0-2023-28448)

Vulnerability from cvelistv5 – Published: 2023-03-24 19:34 – Updated: 2025-02-19 20:26

Title

Versionize is lacking bound checks, potentially leading to out of bounds memory access

Summary

Versionize is a framework for version tolerant serializion/deserialization of Rust data structures, designed for usecases that need fast deserialization times and minimal size overhead. An issue was discovered in the ‘Versionize::deserialize’ implementation provided by the ‘versionize’ crate for ‘vmm_sys_utils::fam::FamStructWrapper', which can lead to out of bounds memory accesses. The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that verifies, for any deserialized header, the lengths of compared flexible arrays are equal and aborting deserialization otherwise.

Severity ?

5.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L

CWE

CWE-125 - Out-of-bounds Read

Assigner

GitHub_M

References

URL

Tags

	https://github.com/firecracker-microvm/versionize…	x_refsource_CONFIRM
	https://github.com/firecracker-microvm/versionize…	x_refsource_MISC
	https://github.com/firecracker-microvm/versionize…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	firecracker-microvm	versionize	Affected: < 0.1.10

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T12:38:25.360Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc"
          },
          {
            "name": "https://github.com/firecracker-microvm/versionize/pull/53",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/firecracker-microvm/versionize/pull/53"
          },
          {
            "name": "https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-28448",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-19T20:26:08.930432Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-19T20:26:23.804Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "versionize",
          "vendor": "firecracker-microvm",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.1.10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Versionize is a framework for version tolerant serializion/deserialization of Rust data structures, designed for usecases that need fast deserialization times and minimal size overhead. An issue was discovered in the \u2018Versionize::deserialize\u2019 implementation provided by the \u2018versionize\u2019 crate for \u2018vmm_sys_utils::fam::FamStructWrapper\u0027, which can lead to out of bounds memory accesses. The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that verifies, for any deserialized header, the lengths of compared flexible arrays are equal and aborting deserialization otherwise.\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-03-24T19:34:29.037Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc"
        },
        {
          "name": "https://github.com/firecracker-microvm/versionize/pull/53",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/firecracker-microvm/versionize/pull/53"
        },
        {
          "name": "https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47"
        }
      ],
      "source": {
        "advisory": "GHSA-8vxc-r5wp-vgvc",
        "discovery": "UNKNOWN"
      },
      "title": "Versionize is lacking bound checks, potentially leading to out of bounds memory access"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-28448",
    "datePublished": "2023-03-24T19:34:29.037Z",
    "dateReserved": "2023-03-15T15:59:10.057Z",
    "dateUpdated": "2025-02-19T20:26:23.804Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-28448\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2023-03-24T20:15:15.613\",\"lastModified\":\"2024-11-21T07:55:06.097\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Versionize is a framework for version tolerant serializion/deserialization of Rust data structures, designed for usecases that need fast deserialization times and minimal size overhead. An issue was discovered in the \u2018Versionize::deserialize\u2019 implementation provided by the \u2018versionize\u2019 crate for \u2018vmm_sys_utils::fam::FamStructWrapper\u0027, which can lead to out of bounds memory accesses. The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that verifies, for any deserialized header, the lengths of compared flexible arrays are equal and aborting deserialization otherwise.\\n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L\",\"baseScore\":5.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.5,\"impactScore\":2.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:versionize_project:versionize:*:*:*:*:*:rust:*:*\",\"versionStartIncluding\":\"0.1.1\",\"versionEndExcluding\":\"0.1.10\",\"matchCriteriaId\":\"16F37684-4478-44B1-A067-78576CCD0E71\"}]}]}],\"references\":[{\"url\":\"https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/firecracker-microvm/versionize/pull/53\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/firecracker-microvm/versionize/pull/53\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc\", \"name\": \"https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/firecracker-microvm/versionize/pull/53\", \"name\": \"https://github.com/firecracker-microvm/versionize/pull/53\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47\", \"name\": \"https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T12:38:25.360Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-28448\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-19T20:26:08.930432Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-19T20:25:40.870Z\"}}], \"cna\": {\"title\": \"Versionize is lacking bound checks, potentially leading to out of bounds memory access\", \"source\": {\"advisory\": \"GHSA-8vxc-r5wp-vgvc\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 5.7, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"firecracker-microvm\", \"product\": \"versionize\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 0.1.10\"}]}], \"references\": [{\"url\": \"https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc\", \"name\": \"https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/firecracker-microvm/versionize/pull/53\", \"name\": \"https://github.com/firecracker-microvm/versionize/pull/53\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47\", \"name\": \"https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Versionize is a framework for version tolerant serializion/deserialization of Rust data structures, designed for usecases that need fast deserialization times and minimal size overhead. An issue was discovered in the \\u2018Versionize::deserialize\\u2019 implementation provided by the \\u2018versionize\\u2019 crate for \\u2018vmm_sys_utils::fam::FamStructWrapper\u0027, which can lead to out of bounds memory accesses. The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that verifies, for any deserialized header, the lengths of compared flexible arrays are equal and aborting deserialization otherwise.\\n\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-125\", \"description\": \"CWE-125: Out-of-bounds Read\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2023-03-24T19:34:29.037Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-28448\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-19T20:26:23.804Z\", \"dateReserved\": \"2023-03-15T15:59:10.057Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2023-03-24T19:34:29.037Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2023-28448

Vulnerability from fkie_nvd - Published: 2023-03-24 20:15 - Updated: 2024-11-21 07:55

Severity ?

5.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
security-advisories@github.com	https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47	Patch, Third Party Advisory
security-advisories@github.com	https://github.com/firecracker-microvm/versionize/pull/53	Third Party Advisory
security-advisories@github.com	https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/firecracker-microvm/versionize/pull/53	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc	Third Party Advisory

Impacted products

	Vendor	Product	Version
	versionize_project	versionize	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:versionize_project:versionize:*:*:*:*:*:rust:*:*",
              "matchCriteriaId": "16F37684-4478-44B1-A067-78576CCD0E71",
              "versionEndExcluding": "0.1.10",
              "versionStartIncluding": "0.1.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Versionize is a framework for version tolerant serializion/deserialization of Rust data structures, designed for usecases that need fast deserialization times and minimal size overhead. An issue was discovered in the \u2018Versionize::deserialize\u2019 implementation provided by the \u2018versionize\u2019 crate for \u2018vmm_sys_utils::fam::FamStructWrapper\u0027, which can lead to out of bounds memory accesses. The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that verifies, for any deserialized header, the lengths of compared flexible arrays are equal and aborting deserialization otherwise.\n"
    }
  ],
  "id": "CVE-2023-28448",
  "lastModified": "2024-11-21T07:55:06.097",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 5.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.5,
        "impactScore": 2.7,
        "source": "security-advisories@github.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-03-24T20:15:15.613",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/firecracker-microvm/versionize/pull/53"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/firecracker-microvm/versionize/pull/53"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

MSRC_CVE-2023-28448

Vulnerability from csaf_microsoft - Published: 2023-03-10 00:00 - Updated: 2023-04-03 00:00

Summary

Versionize is lacking bound checks potentially leading to out of bounds memory access

Notes

Additional Resources

To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer

The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2023-28448 Versionize is lacking bound checks potentially leading to out of bounds memory access - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2023/msrc_cve-2023-28448.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "Versionize is lacking bound checks potentially leading to out of bounds memory access",
    "tracking": {
      "current_release_date": "2023-04-03T00:00:00.000Z",
      "generator": {
        "date": "2025-12-27T17:04:43.530Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2023-28448",
      "initial_release_date": "2023-03-10T00:00:00.000Z",
      "revision_history": [
        {
          "date": "2023-04-03T00:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "1.0",
                "product": {
                  "name": "CBL Mariner 1.0",
                  "product_id": "16820"
                }
              },
              {
                "category": "product_version",
                "name": "2.0",
                "product": {
                  "name": "CBL Mariner 2.0",
                  "product_id": "17086"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003ccm1 cloud-hypervisor 22.0-2",
                "product": {
                  "name": "\u003ccm1 cloud-hypervisor 22.0-2",
                  "product_id": "2"
                }
              },
              {
                "category": "product_version",
                "name": "cm1 cloud-hypervisor 22.0-2",
                "product": {
                  "name": "cm1 cloud-hypervisor 22.0-2",
                  "product_id": "17918"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 cloud-hypervisor 30.0-2",
                "product": {
                  "name": "\u003ccbl2 cloud-hypervisor 30.0-2",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 cloud-hypervisor 30.0-2",
                "product": {
                  "name": "cbl2 cloud-hypervisor 30.0-2",
                  "product_id": "17919"
                }
              }
            ],
            "category": "product_name",
            "name": "cloud-hypervisor"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccm1 cloud-hypervisor 22.0-2 as a component of CBL Mariner 1.0",
          "product_id": "16820-2"
        },
        "product_reference": "2",
        "relates_to_product_reference": "16820"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cm1 cloud-hypervisor 22.0-2 as a component of CBL Mariner 1.0",
          "product_id": "17918-16820"
        },
        "product_reference": "17918",
        "relates_to_product_reference": "16820"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 cloud-hypervisor 30.0-2 as a component of CBL Mariner 2.0",
          "product_id": "17086-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 cloud-hypervisor 30.0-2 as a component of CBL Mariner 2.0",
          "product_id": "17919-17086"
        },
        "product_reference": "17919",
        "relates_to_product_reference": "17086"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-28448",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "notes": [
        {
          "category": "general",
          "text": "GitHub_M",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "17918-16820",
          "17919-17086"
        ],
        "known_affected": [
          "16820-2",
          "17086-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2023-28448 Versionize is lacking bound checks potentially leading to out of bounds memory access - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2023/msrc_cve-2023-28448.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2023-04-03T00:00:00.000Z",
          "details": "22.0-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "16820-2"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        },
        {
          "category": "vendor_fix",
          "date": "2023-04-03T00:00:00.000Z",
          "details": "30.0-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17086-1"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalsScore": 0.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "temporalScore": 7.5,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "16820-2",
            "17086-1"
          ]
        }
      ],
      "title": "Versionize is lacking bound checks potentially leading to out of bounds memory access"
    }
  ]
}

GSD-2023-28448

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

Aliases

CVE-2023-28448

Aliases

CVE-2023-28448

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-28448",
    "id": "GSD-2023-28448"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-28448"
      ],
      "details": "Versionize is a framework for version tolerant serializion/deserialization of Rust data structures, designed for usecases that need fast deserialization times and minimal size overhead. An issue was discovered in the \u2018Versionize::deserialize\u2019 implementation provided by the \u2018versionize\u2019 crate for \u2018vmm_sys_utils::fam::FamStructWrapper\u0027, which can lead to out of bounds memory accesses. The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that verifies, for any deserialized header, the lengths of compared flexible arrays are equal and aborting deserialization otherwise.",
      "id": "GSD-2023-28448",
      "modified": "2023-12-13T01:20:47.544215Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security-advisories@github.com",
        "ID": "CVE-2023-28448",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "versionize",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "\u003c 0.1.10"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "firecracker-microvm"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Versionize is a framework for version tolerant serializion/deserialization of Rust data structures, designed for usecases that need fast deserialization times and minimal size overhead. An issue was discovered in the \u2018Versionize::deserialize\u2019 implementation provided by the \u2018versionize\u2019 crate for \u2018vmm_sys_utils::fam::FamStructWrapper\u0027, which can lead to out of bounds memory accesses. The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that verifies, for any deserialized header, the lengths of compared flexible arrays are equal and aborting deserialization otherwise."
          }
        ]
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-125",
                "lang": "eng",
                "value": "CWE-125: Out-of-bounds Read"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc",
            "refsource": "MISC",
            "url": "https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc"
          },
          {
            "name": "https://github.com/firecracker-microvm/versionize/pull/53",
            "refsource": "MISC",
            "url": "https://github.com/firecracker-microvm/versionize/pull/53"
          },
          {
            "name": "https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47",
            "refsource": "MISC",
            "url": "https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47"
          }
        ]
      },
      "source": {
        "advisory": "GHSA-8vxc-r5wp-vgvc",
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:versionize_project:versionize:*:*:*:*:*:rust:*:*",
                "cpe_name": [],
                "versionEndExcluding": "0.1.10",
                "versionStartIncluding": "0.1.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "security-advisories@github.com",
          "ID": "CVE-2023-28448"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Versionize is a framework for version tolerant serializion/deserialization of Rust data structures, designed for usecases that need fast deserialization times and minimal size overhead. An issue was discovered in the \u2018Versionize::deserialize\u2019 implementation provided by the \u2018versionize\u2019 crate for \u2018vmm_sys_utils::fam::FamStructWrapper\u0027, which can lead to out of bounds memory accesses. The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that verifies, for any deserialized header, the lengths of compared flexible arrays are equal and aborting deserialization otherwise."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-125"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/firecracker-microvm/versionize/pull/53",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://github.com/firecracker-microvm/versionize/pull/53"
            },
            {
              "name": "https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47"
            },
            {
              "name": "https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-03-31T14:23Z",
      "publishedDate": "2023-03-24T20:15Z"
    }
  }
}

GHSA-8VXC-R5WP-VGVC

Vulnerability from github – Published: 2023-03-24 22:00 – Updated: 2023-03-24 22:00

Summary

Versionize::deserialize implementation for FamStructWrapper<T> is lacking bound checks, potentially leading to out of bounds memory accesses

Details

Impact

An issue was discovered in the Versionize::deserialize implementation provided by the versionize crate for vmm_sys_util::fam::FamStructWrapper, which can lead to out of bounds memory accesses.

Patches

The impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that verifies, for any deserialized header, the lengths of compared flexible arrays are equal and aborting deserialization otherwise.

Workarounds

References

https://github.com/firecracker-microvm/versionize/pull/53

Severity ?

5.7 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "crates.io",
        "name": "versionize"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.1.1"
            },
            {
              "fixed": "0.1.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-28448"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-03-24T22:00:05Z",
    "nvd_published_at": "2023-03-24T20:15:00Z",
    "severity": "MODERATE"
  },
  "details": "### Impact\n\nAn issue was discovered in the `Versionize::deserialize` implementation provided by the `versionize` crate for `vmm_sys_util::fam::FamStructWrapper`, which can lead to out of bounds memory accesses.\n\n### Patches\n\nThe impact started with version 0.1.1. The issue was corrected in version 0.1.10 by inserting a check that verifies, for any deserialized header, the lengths of compared flexible arrays are equal and aborting deserialization otherwise.\n\n### Workarounds\n\\-\n\n### References\n- https://github.com/firecracker-microvm/versionize/pull/53",
  "id": "GHSA-8vxc-r5wp-vgvc",
  "modified": "2023-03-24T22:00:05Z",
  "published": "2023-03-24T22:00:05Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/firecracker-microvm/versionize/security/advisories/GHSA-8vxc-r5wp-vgvc"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28448"
    },
    {
      "type": "WEB",
      "url": "https://github.com/firecracker-microvm/versionize/pull/53"
    },
    {
      "type": "WEB",
      "url": "https://github.com/firecracker-microvm/versionize/commit/a57a051ba006cfa3b41a0532f484df759e008d47"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/firecracker-microvm/versionize"
    },
    {
      "type": "WEB",
      "url": "https://github.com/firecracker-microvm/versionize/releases/tag/v0.1.10"
    },
    {
      "type": "WEB",
      "url": "https://rustsec.org/advisories/RUSTSEC-2023-0030.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Versionize::deserialize implementation for FamStructWrapper\u003cT\u003e is lacking bound checks, potentially leading to out of bounds memory accesses"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-28448 (GCVE-0-2023-28448)

FKIE_CVE-2023-28448

MSRC_CVE-2023-28448

GSD-2023-28448

GHSA-8VXC-R5WP-VGVC

Impact

Patches

Workarounds

References

Tags

Sightings

Nomenclature