CVE-2023-42537

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published: Nov 7, 2023
Updated: Mar 12, 2024
CWE ID 125
CWE ID 787

Summary

CVE-2023-42537 affects the libsaped library before the Nov-2023 Release 1. The get_head_crc function does not properly validate its input, which leads to out-of-bounds read and write conditions. A local attacker can exploit this flaw to read or modify memory outside the intended bounds, potentially leading to significant security risks. Users are strongly advised to upgrade to the latest libsaped release to mitigate this vulnerability.
