MNBSD-2023-14: libc stdio buffer overflow

Description

For line-buffered streams the __sflush() function did not correctly update the FILE object's write space member when the write(2) system call returns an error. Depending on the nature of an application that calls libc's stdio functions and the presence of errors returned from the write(2) system call (or an overridden stdio write routine) a heap buffer overflow may occur. Such overflows may lead to data corruption or the execution of arbitrary code at the privilege level of the calling program.

Affected Versions

libc

Specific versions:

• 3.0.0
• 3.0.1
• 3.0.2
• 3.1.0

Recommendations

No specific recommendations provided.

References

• https://www.freebsd.org/security/advisories/FreeBSD-SA-23:15.stdio.asc
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5941

Additional Information

Aliases: FreeBSD-SA-23:15.libc, CVE-2023-5941

Published: August 27, 2023
Last Modified: March 24, 2025