fkie_nvd - fkie_cve-2023-42567

fkie_cve-2023-42567

Vulnerability from fkie_nvd

Published

2023-12-05 03:15

Modified

2024-11-21 08:22

Severity ?

7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Improper size check vulnerability in softsimd prior to SMR Dec-2023 Release 1 allows stack-based buffer overflow.

References

▶	URL	Tags
	mobile.security@samsung.com	https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=12	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=12	Vendor Advisory

Impacted products

Vendor	Product	Version
samsung	android	14.0
samsung	android	14.0
samsung	android	14.0
samsung	android	14.0
samsung	android	14.0
samsung	android	14.0
samsung	android	14.0
samsung	android	14.0
samsung	android	14.0
samsung	android	14.0
samsung	android	14.0
samsung	android	14.0
samsung	android	14.0
samsung	android	14.0
samsung	android	14.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:*",
              "matchCriteriaId": "3093F6FE-C562-4F62-97B7-CA0D2DDF9BBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:14.0:smr-apr-2023-r1:*:*:*:*:*:*",
              "matchCriteriaId": "DAB2A0D7-8F4F-4128-AE09-D2658D793BF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:14.0:smr-aug-2023-r1:*:*:*:*:*:*",
              "matchCriteriaId": "CC6E2FC7-2BAF-4C7B-9E0F-D9F844041A35",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:14.0:smr-dec-2022-r1:*:*:*:*:*:*",
              "matchCriteriaId": "2A901EFE-90BA-474C-88D2-8A3E7D99C0E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:14.0:smr-feb-2023-r1:*:*:*:*:*:*",
              "matchCriteriaId": "FD8B9CD3-063E-481E-BE7C-1628ADA71849",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:14.0:smr-jan-2023-r1:*:*:*:*:*:*",
              "matchCriteriaId": "9CE09EF7-B024-4D79-9400-C8223CDFBB86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:14.0:smr-jul-2023-r1:*:*:*:*:*:*",
              "matchCriteriaId": "3DD61EDA-98ED-4309-B54F-0CF8B7D07DC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:14.0:smr-jun-2023-r1:*:*:*:*:*:*",
              "matchCriteriaId": "4ECB0B7A-590C-460C-878B-9A78CB37D259",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:14.0:smr-mar-2023-r1:*:*:*:*:*:*",
              "matchCriteriaId": "EAFE015F-8130-4F10-A553-420F0BB2A132",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:14.0:smr-may-2023-r1:*:*:*:*:*:*",
              "matchCriteriaId": "ACEA385E-3931-4438-A2A9-0357651F9B48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2022-r1:*:*:*:*:*:*",
              "matchCriteriaId": "6DD1F78D-EA98-4825-A0EA-703196DDE5E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:14.0:smr-nov-2023-r1:*:*:*:*:*:*",
              "matchCriteriaId": "BDDB3FBE-99EC-4763-961B-2C436D864A1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2022-r1:*:*:*:*:*:*",
              "matchCriteriaId": "1B02110E-71FB-495F-86CA-F2A4E55C0E42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:14.0:smr-oct-2023-r1:*:*:*:*:*:*",
              "matchCriteriaId": "931CC6D7-A42D-4482-B901-B539DFF89C3E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:14.0:smr-sep-2023-r1:*:*:*:*:*:*",
              "matchCriteriaId": "84ED2366-D4BA-4094-94AC-AD6E7AEBB6FF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper size check vulnerability in softsimd prior to SMR Dec-2023 Release 1 allows stack-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de verificaci\u00f3n de tama\u00f1o inadecuado en softsimd anterior a SMR de diciembre de 2023, versi\u00f3n 1, permite el desbordamiento del b\u00fafer basado en pila."
    }
  ],
  "id": "CVE-2023-42567",
  "lastModified": "2024-11-21T08:22:48.300",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "LOW",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.5,
        "impactScore": 4.7,
        "source": "mobile.security@samsung.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-12-05T03:15:16.900",
  "references": [
    {
      "source": "mobile.security@samsung.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=12"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023\u0026month=12"
    }
  ],
  "sourceIdentifier": "mobile.security@samsung.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-787"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2023-42567 (GCVE-0-2023-42567)

Vulnerability from cvelistv5

Published

2023-12-05 02:44

Modified

2024-08-02 19:23

Severity ?

7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L

CWE

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

Summary

Improper size check vulnerability in softsimd prior to SMR Dec-2023 Release 1 allows stack-based buffer overflow.

References

►

URL

Tags

https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=12