CVE-2023-5447

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Synaptics Fingerprint Driver versions prior to 6.0.39.1136 Synaptics Fingerprint Driver versions prior to 6.0.64.1105

Description The issue is related to a missing lock check in SynHsaService, which may create a use-after-free condition, causing abnormal termination of the service and resulting in denial of service for the Synaptics Hardware Support App.

Recommendations For Synaptics Fingerprint Driver versions prior to 6.0.39.1136, upgrade the driver to 6.0.39.1136 or later to mitigate the risk. For Synaptics Fingerprint Driver versions prior to 6.0.64.1105, upgrade the driver to 6.0.64.1105 or later to mitigate the risk.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-414CWE-416

Related Identifiers

CVE-2023-5447

Affected Products

Synaptics Fingerprint Driver

CVE-2023-5447

Weakness Enumeration

Related Identifiers

Affected Products

References · 3