Description
An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Samsung Mobile / Samsung Mobile DevicesSMR Nov-2023 Release in Android 11, 12, 13 – SMR Nov-2023 Release in Android 11, 12, 13