CVE-2023-29731

Name of the Vulnerable Software and Affected Versions SoLive versions 1.6.14 through 1.6.20

Description The issue allows an attacker to inject a large amount of data into any SharedPreference file, which will be loaded into memory when the application is opened. This can cause the application to trigger an OOM error and crash at startup, resulting in a persistent denial of service. An exposed component provides a method to modify the SharedPreference file, which can be leveraged by an attacker.

Recommendations For SoLive versions 1.6.14 through 1.6.20, as a temporary workaround, consider restricting access to the SharedPreference file until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.