PT-2022-15990 · Rpmb · Rpmb
Federico Menarini
+1
·
Published
2022-02-11
·
Updated
2023-07-12
·
CVE-2022-23432
CVSS v3.1
6.7
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
RPMB ldfw versions prior to SMR Feb-2022 Release 1
Description
The issue is related to improper input validation in the SMC SRPMB WSM handler of RPMB ldfw, allowing arbitrary memory write and code execution.
Recommendations
For versions prior to SMR Feb-2022 Release 1, update to SMR Feb-2022 Release 1 or later to resolve the issue.
Fix
Memory Corruption
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Rpmb