Out-of-bounds write in libswmfextractor.so prior to SMR Dec-2024 Release 1 allows local attackers to execute arbitrary code.
| Date Added | Due Date | Vulnerability Name | Required Action |
|---|---|---|---|
| N/A |
| Type | Version | Base score | Base severity | Vector |
|---|---|---|---|---|
| Secondary | 3.1 | 5.9 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
| Primary | 3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| CWE ID | Type | Source |
|---|---|---|
| CWE-787 | Primary | nvd@nist.gov |
| Hyperlink | Source | Resource |
|---|---|---|
| https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=12 | mobile.security@samsung.com | Vendor Advisory |