Out of Bounds Write Vulnerability in Unisoc Jpg Driver
CVE-2023-48356

4.4MEDIUM

Key Information:

Vendor: Unisoc (shanghai) Technologies Co., Ltd.
Status: Sc7731e/sc9832e/sc9863a/t310/t606/t612/t616/t610/t618/t760/t770/t820/s8000
Vendor: CVE Published:; 18 January 2024

🔔 Create Unisoc (shanghai) Technologies Co., Ltd. Vulnerability Alert

What is CVE-2023-48356?

The jpg driver from Unisoc is affected by a vulnerability that allows for an out of bounds write due to a missing bounds check. This oversight can result in potential local denial of service. The exploitation of this vulnerability requires system execution privileges, which may impact the overall stability and security of systems using the affected driver.

Affected Version(s)

SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Android11/Android12/Android13

References

https://www.unisoc.com/en_us/secy/announcementDetail/1745...

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 18, 2024
Vulnerability Reserved
Nov 15, 2023