CVE-2023-52558

In OpenBSD 7.4 before errata 002 and OpenBSD 7.3 before errata 019, a network buffer that had to be split at certain length that could crash the kernel after receiving specially crafted escape sequences.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/019_msplit.patch.sig	Patch
https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/002_msplit.patch.sig	Patch
https://github.com/openbsd/src/commit/7b4d35e0a60ba1dd4daf4b1c2932020a22463a89	Patch
https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/019_msplit.patch.sig	Patch
https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/002_msplit.patch.sig	Patch
https://github.com/openbsd/src/commit/7b4d35e0a60ba1dd4daf4b1c2932020a22463a89	Patch

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:openbsd:openbsd::::::::
	cpe:2.3:o:openbsd:openbsd:7.3:-::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_001::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_002::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_003::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_004::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_005::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_006::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_007::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_008::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_009::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_010::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_011::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_012::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_013::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_014::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_015::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_016::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_017::::::
	cpe:2.3:o:openbsd:openbsd:7.3:errata_018::::::
	cpe:2.3:o:openbsd:openbsd:7.4:-::::::
	cpe:2.3:o:openbsd:openbsd:7.4:errata_001::::::

History

10 Oct 2025, 17:36

Type	Values Removed	Values Added
References	~~() https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/019_msplit.patch.sig -~~	() https://ftp.openbsd.org/pub/OpenBSD/patches/7.3/common/019_msplit.patch.sig - Patch
References	~~() https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/002_msplit.patch.sig -~~	() https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/002_msplit.patch.sig - Patch
References	~~() https://github.com/openbsd/src/commit/7b4d35e0a60ba1dd4daf4b1c2932020a22463a89 -~~	() https://github.com/openbsd/src/commit/7b4d35e0a60ba1dd4daf4b1c2932020a22463a89 - Patch
First Time		Openbsd openbsd Openbsd
CPE		cpe:2.3:o:openbsd:openbsd:7.3:errata_003:::::: cpe:2.3:o:openbsd:openbsd:7.4:errata_001:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_017:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_018:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_001:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_012:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_002:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_006:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_014:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_015:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_010:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_007:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_004:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_008:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_011:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_005:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_009:::::: cpe:2.3:o:openbsd:openbsd:7.3:-:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_013:::::: cpe:2.3:o:openbsd:openbsd:7.3:errata_016:::::: cpe:2.3:o:openbsd:openbsd:7.4:-:::::: cpe:2.3:o:openbsd:openbsd::::::::

Information

Published : 2024-03-01 17:15

Updated : 2025-10-10 17:36

NVD link : CVE-2023-52558

Mitre link : CVE-2023-52558

CVE.ORG link : CVE-2023-52558

JSON object : View

Products Affected

openbsd

openbsd

CWE

CWE-131

Incorrect Calculation of Buffer Size

7.5 /10