PT-2024-18724 · Unknown · Libsthmbc.So
Dawuge
·
Published
2024-02-05
·
Updated
2024-03-12
·
CVE-2024-20817
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
libsthmbc.so versions prior to SMR Feb-2024 Release 1
Description
The issue is related to Out-of-bounds Write vulnerabilities in the
svc1td vld slh function of libsthmbc.so. This allows local attackers to trigger a buffer overflow.Recommendations
For versions prior to SMR Feb-2024 Release 1, update to the SMR Feb-2024 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the
svc1td vld slh function in libsthmbc.so to minimize the risk of exploitation.Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Libsthmbc.So