Mytyrannosaurusbuddy

**Name of the Vulnerable Software and Affected Versions** Transaction versions prior to SMR Jul-2023 Release 1 **Description** The issue is related to improper input validation, allowing local attackers to launch privileged activities. **Recommendations** For versions prior to SMR Jul-2023 Release 1, update to SMR Jul-2023 Release 1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** libsec-ril versions prior to SMR Jul-2023 Release 1 **Description** The issue is related to an improper input validation vulnerability in the OemPersonalizationSetLock function in libsec-ril. This vulnerability allows local attackers to cause an Out-Of-Bounds write. **Recommendations** For versions prior to SMR Jul-2023 Release 1, update to the SMR Jul-2023 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the OemPersonalizationSetLock function in libsec-ril to minimize the risk of exploitation.

**Nome do software vulnerável e versões afetadas** Versões do módulo de telefonia anteriores à SMR Dez-2021 Release 1 **Descrição** Um problema de validação inadequada no módulo de telefonia permite que invasores realizem determinadas ações. **Recomendações** Para versões anteriores ao SMR Dez-2021 Release 1, atualize para o SMR Dez-2021 Release 1 ou posterior para resolver o problema.