PT-2024-18755 · Unknown · Libsavsac.So
Zinuo Han
·
Published
2024-04-02
·
Updated
2024-04-02
·
CVE-2024-20846
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
libsavsac.so versions prior to SMR Apr-2024 Release 1
Description
The issue is related to an out-of-bounds write vulnerability while decoding hcr of libsavsac.so. This allows a local attacker to execute arbitrary code.
Recommendations
For versions prior to SMR Apr-2024 Release 1, update to SMR Apr-2024 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to libsavsac.so to minimize the risk of exploitation.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Libsavsac.So