Untriaged
Permalink
CVE-2023-4255
5.5 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): HIGH
W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223)
An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition.
References
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- RHBZ#2255207 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3 x_transferred
- https://github.com/tats/w3m/issues/268 x_transferred
- https://github.com/tats/w3m/pull/273 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3
- https://github.com/tats/w3m/issues/268
- https://github.com/tats/w3m/pull/273
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
- RHBZ#2255207 issue-tracking x_refsource_REDHAT
- RHBZ#2255207 issue-tracking x_refsource_REDHAT x_transferred
- https://github.com/tats/w3m/commit/edc602651c506aeeb60544b55534dd1722a340d3 x_transferred
- https://github.com/tats/w3m/issues/268 x_transferred
- https://github.com/tats/w3m/pull/273 x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
Affected products
w3m
Matching in nixpkgs
pkgs.w3m-nographics
Text-mode web browser
-
nixos-unstable -
- nixpkgs-unstable 0.5.5
Package maintainers
-
@toastal toastal <toastal+nix@posteo.net>
-
@anthonyroussel Anthony Roussel <anthony@roussel.dev>