Lucene search

[email protected]CVE-2023-48343

HistoryJan 18, 2024 - 3:15 a.m.

CVE-2023-48343

2024-01-1803:15:57

CWE-787

[email protected]

web.nvd.nist.gov

cve-2023-48343

video decoder

out of bounds write

input validation

denial of service

nvd

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed

Affected configurations

NVD

Node

googleandroidMatch11.0

googleandroidMatch12.0

AND

unisocs8000Match-

unisocsc7731eMatch-

unisocsc9832eMatch-

unisocsc9863aMatch-

unisoct310Match-

unisoct606Match-

unisoct610Match-

unisoct612Match-

unisoct616Match-

unisoct618Match-

unisoct760Match-

unisoct770Match-

unisoct820Match-

CPENameOperatorVersion
google:androidgoogle androideq11.0
google:androidgoogle androideq12.0

CPE	Name	Operator	Version
google:android	google android	eq	11.0
google:android	google android	eq	12.0

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000",
    "versions": [
      {
        "version": "Android11/Android12",
        "status": "affected"
      }
    ],
    "vendor": "Unisoc (Shanghai) Technologies Co., Ltd."
  }
]

References

www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for CVE-2023-48343

cvelist1 nvd1 prion1