CVE-2023-32845

HIGH Year: 2023
CVSS v3 Score
7.5
High
Weakness Type
CWE-617
View all →

Vulnerability Description

In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).

Related Vulnerabilities

CVE-2006-4095

HIGH
CVSS:7.5(High)

BIND before 9.2.6-P1 and 9.3.x before 9.3.2-P1 allows remote attackers to cause a denial of service (crash) via certain SIG queries, which cause an assertion failure when multiple RRsets are returned.

CWE-6172006

CVE-2006-5779

HIGH
CVSS:7.5(High)

OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service (daemon crash) via LDAP BIND requests with long authcid names, which triggers an assertion failure.

CWE-6172006

CVE-2006-6767

HIGH
CVSS:7.5(High)

oftpd before 0.3.7 allows remote attackers to cause a denial of service (daemon abort) via a (1) LPRT or (2) LPASV command with an unsupported address family, which triggers an assertion failure.

CWE-6172006

CVE-2011-3596

HIGH
CVSS:7.5(High)

Polipo before 1.0.4.1 suffers from a DoD vulnerability via specially-crafted HTTP POST / PUT request.

CWE-6172011

CVE-2015-8012

HIGH
CVSS:7.5(High)

lldpd before 0.8.0 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via a malformed packet.

CWE-6172015

CVE-2016-8864

HIGH
CVSS:7.5(High)

named in ISC BIND 9.x before 9.9.9-P4, 9.10.x before 9.10.4-P4, and 9.11.x before 9.11.0-P1 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNAME record ...

CWE-6172016