CVE-2023-42537

CVSS v3.1

8.4

High

Vector

AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions libsaped versions prior to SMR Nov-2023 Release 1

Description The issue is related to improper input validation in the get head crc function in libsaped, allowing local attackers to cause out-of-bounds read and write.

Recommendations For versions prior to SMR Nov-2023 Release 1, update to the SMR Nov-2023 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the get head crc function in libsaped to minimize the risk of exploitation.

Fix

Memory Corruption

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-787CWE-125

Related Identifiers

CVE-2023-42537

Affected Products

Libsaped

CVE-2023-42537

Weakness Enumeration

Related Identifiers

Affected Products

References · 5