CVE-2023-7152 | MicroPython 1.21.0/1.22.0-preview extmod/modselect.c poll_set_add_fd use after free

Posted by Angelo Barbosa | Dec 28, 2023 | CVE

A vulnerability, which was classified as critical, has been found in MicroPython 1.21.0/1.22.0-preview. Affected by this issue is the function poll_set_add_fd of the file extmod/modselect.c. The manipulation leads to use after free.

This vulnerability is handled as CVE-2023-7152. The attack needs to be approached within the local network. Furthermore, there is an exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2023-7152 | MicroPython 1.21.0/1.22.0-preview extmod/modselect.c poll_set_add_fd use after free

Related Posts

CVE-2024-46689 | Linux Kernel up to 6.10.7 Shared Memory Page infinite loop

CVE-2024-1200 | Jspxcms 10.2.0 /template/1/default/ information disclosure

CVE-2023-48171 | OWASP DefectDojo up to 1.5.3.0 permission

CVE-2022-48462 | Unisoc S8000 Wifi Service out-of-bounds write