CVE-2022-42499

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to a heap buffer overflow in the sms SendMmCpErrMsg function of sms MmConManagement.c. This overflow could lead to a possible out of bounds write, resulting in remote code execution without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations For Android kernel, apply the necessary patch to fix the heap buffer overflow issue in the sms SendMmCpErrMsg function. As a temporary workaround, consider restricting access to the sms MmConManagement.c module to minimize the risk of exploitation.