Skip to main content

Incorrect Calculation of Buffer Size

CVE-2023-20627

Severity Medium
Score 6.7/10

Summary

In pqframework, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629585; Issue ID: ALPS07629585.

  • LOW
  • LOCAL
  • HIGH
  • UNCHANGED
  • NONE
  • HIGH
  • HIGH
  • HIGH

CWE-131 - Incorrect Calculation of Buffer Size

The software does not correctly calculate the size to be used when allocating a buffer, which could lead to a buffer overflow.

References

Advisory Timeline

  • Published