PT-2024-18744 · Unknown · Libsubextractor.So
Published
2024-03-04
·
Updated
2025-02-10
·
CVE-2024-20836
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
libsubextractor.so versions prior to SMR Mar-2024 Release 1
Description
The issue is an out of bounds read vulnerability in the
ssmis get frm function within libsubextractor.so. This allows local attackers to read out of bounds memory.Recommendations
For versions prior to SMR Mar-2024 Release 1, update to SMR Mar-2024 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the
ssmis get frm function in libsubextractor.so until a patch is available.Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Libsubextractor.So