Out of Bounds Write Vulnerability in cp_dump Driver by Unisoc
CVE-2022-48439

4.4MEDIUM

Key Information:

Vendor: Unisoc (shanghai) Technologies Co., Ltd.
Status: Sc9863a/sc9832e/sc7731e/t610/t310/t606/t760/t610/t618/t606/t612/t616/t760/t770/t820/s8000
Vendor: CVE Published:; 6 June 2023

🔔 Create Unisoc (shanghai) Technologies Co., Ltd. Vulnerability Alert

What is CVE-2022-48439?

The cp_dump driver developed by Unisoc is susceptible to an out of bounds write vulnerability due to the absence of adequate bounds checking mechanisms. This flaw could potentially enable a local denial of service attack, necessitating system execution privileges to exploit. The lack of proper input validation can lead to significant instability in affected systems, making it imperative for users and administrators to apply necessary patches and monitor for any unusual activity.

Affected Version(s)

SC9863A/SC9832E/SC7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 Android11/Android12/Android13

References

https://www.unisoc.com/en_us/secy/announcementDetail/1664...

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 6, 2023
Vulnerability Reserved
Apr 13, 2023