Out of Bounds Write Vulnerability in VSP Driver from Unisoc
CVE-2023-48357

4.4MEDIUM

Key Information:

Vendor: Unisoc (shanghai) Technologies Co., Ltd.
Status: Sc7731e/sc9832e/sc9863a/t310/t606/t612/t616/t610/t618/t760/t770/t820/s8000
Vendor: CVE Published:; 18 January 2024

🔔 Create Unisoc (shanghai) Technologies Co., Ltd. Vulnerability Alert

What is CVE-2023-48357?

A notable out of bounds write vulnerability exists in Unisoc's VSP driver due to the absence of proper bounds checking. This flaw can potentially lead to local denial of service, requiring system execution privileges. If exploited, this vulnerability could disrupt system functionality, raising significant concerns for affected users.

Affected Version(s)

SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Android11/Android12/Android13

References

https://www.unisoc.com/en_us/secy/announcementDetail/1745...

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 18, 2024
Vulnerability Reserved
Nov 15, 2023