6 matches found
CVE-2022-48336
The vulnerability CVE-2022-48336 affects the Widevine Trusted Application (TA) versions 5.0.0 through 7.1.1. The issue is an integer overflow in the PRDiagParseAndStoreData function, which leads to a buffer overflow. Connected sources confirm the affected component and the root cause, with no pub...
CVE-2022-48333
CVE-2022-48333 affects Widevine Trusted Application (TA) versions 5.0.0–5.1.1. The root cause is an integer overflow in the drm_verify_keys prefix_len+feature_name_len calculation, which can lead to a buffer overflow. The CVE entry documents a critical impact (high/remote attack surface) but does...
CVE-2022-48332
CVE-2022-48332 affects Widevine Trusted Application (TA) versions 5.0.0 through 5.1.1. The issue is a drm_save_keys file_name_len integer overflow that leads to a buffer overflow, with CVSSv3.1 base metrics indicating CRITICAL impact (Network, No user interaction, Privileges NONE, Scope UNCHANGED...
CVE-2022-48335
CVE-2022-48335 affects Widevine Trusted Application (TA) 5.0.0–7.1.1. The issue is an integer overflow in PRDiagVerifyProvisioning that leads to a buffer overflow. Documented impacts are severe (CVE score up to CVSSv3.1 9.8, network attack with no user interaction). No exploit details are provide...
CVE-2022-48334
CVE-2022-48334 affects Widevine Trusted Application (TA) versions 5.0.0–5.1.1 . The root cause is an integer overflow in the drm_verify_keys calculation (total_len + file_name_len), which can lead to a buffer overflow . Documents state the vulnerability impact as high/critical (per CVSS from NVD)...
CVE-2022-48331
Widevine Trusted Application (TA) versions 5.0.0–5.1.1 are affected by an integer overflow in drm_save_keys feature_name_len, leading to a buffer overflow. The CVE notes high impact. No exploitation details are provided in the documents. Remediation guidance from PT-2023-15710 recommends disablin...