CVE-2023-42536

CVSS v3.1

8.4

High

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions libsaped versions prior to SMR Nov-2023 Release 1

Description The issue is related to improper input validation in the saped dec component of libsaped, allowing local attackers to cause out-of-bounds read and write. This can potentially lead to unauthorized access or data modification.

Recommendations For versions prior to SMR Nov-2023 Release 1, update to SMR Nov-2023 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the saped dec component in libsaped to minimize the risk of exploitation.

Fix

Memory Corruption

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-125

Related Identifiers

CVE-2023-42536

Affected Products

Libsaped

CVE-2023-42536

Weakness Enumeration

Related Identifiers

Affected Products

References · 5