CVE-2023-51787: Infoleak
Published Feb 15, 2024
·Updated
An issue was discovered in Wind River VxWorks 7 22.09 and 23.03. If a VxWorks task or POSIX thread that uses OpenSSL exits, limited per-task memory is not freed, resulting in a memory leak.
Affected Software
4 affected components
Wind River VxWorks>=22.09<=23.03
OpenSSL OpenSSL
Windriver Vxworks=7-22.09
Windriver Vxworks=7-23.03
Event History
Feb 15, 2024
CVE Published
via MITRE·12:00 AM
Data Sourced
via MITRE·12:00 AM
Description
Data Sourced
via NVD·06:15 AM
DescriptionSeverityWeaknessAffected Software
Frequently Asked Questions
1
What is the severity of CVE-2023-51787?
CVE-2023-51787 is considered to have a medium severity level due to the potential for memory leaks affecting system performance.
2
How do I fix CVE-2023-51787?
To fix CVE-2023-51787, update to the latest version of Wind River VxWorks that addresses this memory leak issue.
3
Which versions of Wind River VxWorks are affected by CVE-2023-51787?
CVE-2023-51787 affects Wind River VxWorks versions 22.09 and 23.03.
4
What causes CVE-2023-51787?
CVE-2023-51787 is caused by VxWorks tasks or POSIX threads exiting without freeing limited per-task memory when using OpenSSL.
5
Is OpenSSL itself affected by CVE-2023-51787?
No, OpenSSL is not directly affected; the issue resides within Wind River VxWorks when interfacing with OpenSSL.