Lucene search

[email protected]NVD:CVE-2024-20846

HistoryApr 02, 2024 - 3:15 a.m.

CVE-2024-20846

2024-04-0203:15:09

[email protected]

web.nvd.nist.gov

out-of-bounds write

decoding vulnerability

smr apr-2024 release 1

local attacker

arbitrary code

libsavsac.so

5.9 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

0.0004 Low

EPSS

Percentile

9.0%

JSON

Out-of-bounds write vulnerability while decoding hcr of libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.

References

security.samsungmobile.com/securityUpdate.smsb?year=2024&month=04

5.9 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

0.0004 Low

EPSS

Percentile

9.0%

JSON

Related for NVD:CVE-2024-20846

cvelist1 cve1