CVE-2023-45838
CVSS 3.1 Score 8.1 of 10 (high)
Details
Published Dec 5, 2023
Updated: Dec 11, 2023
CWE ID 494
Summary
CVE-2023-45838 is a data integrity vulnerability affecting Buildroot 2023.08.1 and commit 622698d7847. The issue lies within the package hash checking functionality, and an attacker can exploit it through a man-in-the-middle attack, leading to arbitrary command execution in the builder. This vulnerability specifically targets the `aufs` package.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share