Local Denial of Service Due to Improper Input Validation in Autotest Driver by Unisoc
CVE-2023-48359

4.4MEDIUM

Key Information:

Vendor: Unisoc (shanghai) Technologies Co., Ltd.
Status: Sc7731e/sc9832e/sc9863a/t310/t606/t612/t616/t610/t618/t760/t770/t820/s8000
Vendor: CVE Published:; 18 January 2024

🔔 Create Unisoc (shanghai) Technologies Co., Ltd. Vulnerability Alert

What is CVE-2023-48359?

The autotest driver from Unisoc has a vulnerability stemming from improper input validation, leading to a potential out of bounds write. This security flaw could allow an attacker to cause a local denial of service condition, necessitating system execution privileges to exploit. It is essential for users of the affected product to implement security measures and updates to mitigate the risk associated with this vulnerability.

Affected Version(s)

SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000 Android11/Android12/Android13

References

https://www.unisoc.com/en_us/secy/announcementDetail/1745...

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 18, 2024
Vulnerability Reserved
Nov 15, 2023