CVE-2023-53161
BaseFortify
Publication date: 2025-07-28
Last updated on: 2025-08-06
Assigner: MITRE
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| sequoia-pgp | buffered-reader | Before 1.0.2 (exclusive) |
| sequoia-pgp | buffered-reader | From 1.1.0 (inclusive) to 1.1.5 (exclusive) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2023-53161 is a vulnerability in the Rust crate "buffered-reader" before version 1.2.0 where attacker-controlled input can cause an out-of-bounds array access. Rust's safety checks detect this invalid access and cause the application to panic, resulting in a denial-of-service (DoS) condition. This means the application crashes or stops functioning properly but does not allow the attacker to read or write arbitrary memory. [1, 2, 3]
How can this vulnerability impact me?
The vulnerability can be exploited by an attacker to cause the affected application to panic and crash, leading to a denial-of-service (DoS) condition. This disrupts the availability of the service or application using the vulnerable buffered-reader crate. However, it does not allow attackers to access or modify the application's memory, so the impact is limited to service disruption only. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for application panics or crashes caused by out-of-bounds array access in the buffered-reader crate. Since the issue triggers Rust safety checks leading to panics, checking application logs for panic messages related to buffered-reader or crashes during input processing can help identify exploitation attempts. There are no specific commands provided in the resources, but general Rust application log inspection and fuzz testing with malformed input targeting buffered-reader usage may help detect the vulnerability. [1, 2, 3]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade the buffered-reader crate to a fixed version. The vulnerability has been patched in versions 1.0.2, 1.1.5, and 1.2.0 of the buffered-reader crate. Upgrading to one of these versions will prevent the out-of-bounds access and the resulting panics. Additionally, monitoring and handling malformed or attacker-controlled input carefully can reduce the risk of triggering the vulnerability. [2, 3]
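The practical check behind that mitigation advice is to find out whether a project's resolved dependency graph pins an affected `buffered-reader` release. The following Rust program is an added example (it is not BaseFortify's or sequoia-pgp's code): it hand-parses the `name`/`version` lines of a Cargo.lock, compares each `buffered-reader` entry against the two affected ranges from the table above (before 1.0.2, and 1.1.0 up to but excluding 1.1.5), and lists the hits. The lock file contents are constructed for the example, the version parser ignores pre-release tags, and a real project would run this against its own Cargo.lock (or use `cargo audit`, which performs the same lookup from the RustSec database).

```rust
// Added example, not code from the advisory or the sequoia-pgp project.
// Scans a Cargo.lock for `buffered-reader` versions that fall in the
// affected ranges listed in the CVE-2023-53161 record.

/// Semantic version triple. Pre-release tags are dropped by `parse_ver`,
/// so "1.2.0-pre" compares equal to 1.2.0 (a simplification of semver).
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
pub struct Ver(pub u64, pub u64, pub u64);

/// Parse "MAJOR.MINOR.PATCH" (optionally with a "-tag" suffix) into a `Ver`.
pub fn parse_ver(s: &str) -> Option<Ver> {
    let core = s.split('-').next()?;
    let mut parts = core.split('.').map(|p| p.parse::<u64>().ok());
    let major = parts.next()??;
    let minor = parts.next()??;
    let patch = parts.next()??;
    Some(Ver(major, minor, patch))
}

/// Half-open affected ranges [lo, hi) copied from the advisory table.
/// A `None` lower bound means "every version before hi".
const AFFECTED: &[(Option<Ver>, Ver)] = &[
    (None, Ver(1, 0, 2)),               // before 1.0.2
    (Some(Ver(1, 1, 0)), Ver(1, 1, 5)), // 1.1.0 (inclusive) to 1.1.5 (exclusive)
];

/// True when `v` lies inside any affected range.
pub fn is_affected(v: Ver) -> bool {
    AFFECTED
        .iter()
        .any(|(lo, hi)| lo.map_or(true, |l| v >= l) && v < *hi)
}

/// Emit the (name, version) pair collected for one [[package]] block, if complete.
fn push_if_complete(
    name: &mut Option<String>,
    version: &mut Option<String>,
    out: &mut Vec<(String, String)>,
) {
    if let (Some(n), Some(v)) = (name.take(), version.take()) {
        out.push((n, v));
    }
}

/// Minimal Cargo.lock reader: Cargo.lock is TOML, but the fields needed here
/// are plain `key = "value"` lines inside [[package]] blocks, so no TOML
/// crate is required. Returns every (name, version) pair in file order.
pub fn lock_packages(lock: &str) -> Vec<(String, String)> {
    let mut out = Vec::new();
    let mut name: Option<String> = None;
    let mut version: Option<String> = None;
    for line in lock.lines() {
        let line = line.trim();
        if line == "[[package]]" {
            push_if_complete(&mut name, &mut version, &mut out);
        } else if let Some(rest) = line.strip_prefix("name = ") {
            name = Some(rest.trim_matches('"').to_string());
        } else if let Some(rest) = line.strip_prefix("version = ") {
            version = Some(rest.trim_matches('"').to_string());
        }
    }
    push_if_complete(&mut name, &mut version, &mut out);
    out
}

/// Versions of `buffered-reader` in the lock file that are in an affected range.
pub fn vulnerable_versions(lock: &str) -> Vec<String> {
    lock_packages(lock)
        .into_iter()
        .filter(|(n, _)| n.as_str() == "buffered-reader")
        .filter(|(_, v)| parse_ver(v).map_or(false, is_affected))
        .map(|(_, v)| v)
        .collect()
}

/// Constructed sample lock file (not from a real project) with one affected
/// `buffered-reader` release pulled in by sequoia-openpgp.
pub const SAMPLE_LOCK: &str = r#"
# Constructed sample Cargo.lock for the example
version = 3

[[package]]
name = "buffered-reader"
version = "1.1.4"
source = "registry+https://github.com/rust-lang/crates.io-index"

[[package]]
name = "sequoia-openpgp"
version = "1.16.0"
dependencies = [
 "buffered-reader",
]
"#;

fn main() {
    for v in vulnerable_versions(SAMPLE_LOCK) {
        println!(
            "buffered-reader {v} is in an affected range for CVE-2023-53161; \
             upgrade to 1.0.2, 1.1.5 or 1.2.0 (or later)"
        );
    }
}
```

Because all affected releases share the 1.x major, Cargo normally resolves a single `buffered-reader` entry per lock file, so a hit here means the whole project is exposed until the lock is refreshed (`cargo update -p buffered-reader`) to a fixed release.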