Lucene search

[email protected]CVE-2023-48340

HistoryJan 18, 2024 - 3:15 a.m.

CVE-2023-48340

2024-01-1803:15:57

CWE-787

[email protected]

web.nvd.nist.gov

cve-2023-48340

video decoder

out of bounds write

denial of service

nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed

Affected configurations

NVD

Node

unisocs8000Match-

unisocsc7731eMatch-

unisocsc9832eMatch-

unisocsc9863aMatch-

unisoct310Match-

unisoct606Match-

unisoct610Match-

unisoct612Match-

unisoct616Match-

unisoct618Match-

unisoct760Match-

unisoct770Match-

unisoct820Match-

AND

googleandroidMatch11.0

googleandroidMatch12.0

CPENameOperatorVersion
google:androidgoogle androideq11.0
google:androidgoogle androideq12.0

CPE	Name	Operator	Version
google:android	google android	eq	11.0
google:android	google android	eq	12.0

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
    "versions": [
      {
        "version": "Android11/Android12",
        "status": "affected"
      }
    ],
    "vendor": "Unisoc (Shanghai) Technologies Co., Ltd."
  }
]

References

www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2023-48340

nvd1 prion1 cvelist1