CVE-2023-5941 – FreeBSD Advisory


A vulnerability in the stdio component of the FreeBSD C library (libc) allows a buffer overflow, potentially leading to data corruption or arbitrary code execution. Upgrading to the latest supported FreeBSD version is recommended, and specific patches are available for older versions.

Key Takeaways:

  • The libc stdio component in FreeBSD has a buffer overflow vulnerability.
  • The vulnerability can result in data corruption or arbitrary code execution.
  • Line-buffered streams are affected.
  • Upgrading to the latest supported FreeBSD version is advised.
  • Specific patches are available for FreeBSD 12 and earlier.
  • Systems running FreeBSD 13 and later can use the freebsd-update utility for updating.
  • No workaround is available.