CVE-2023-42537
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Nov 7, 2023
Updated: Mar 12, 2024
CWE ID 125
CWE ID 787
Summary
CVE-2023-42537 is a vulnerability affecting the libsaped library before the Nov-2023 Release 1. The issue lies in the get_head_crc function, where improper input validation leads to out-of-bounds read and write conditions. Malicious local attackers can exploit this flaw to gain unintended access to memory or cause unintended modifications, potentially leading to significant security risks. It is highly recommended that users upgrade to the latest libsaped release to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Samsung Android
Affected Vendors
- Samsung