2023-12-05 05:00:22 +00:00
{
"id" : "CVE-2023-42563" ,
"sourceIdentifier" : "mobile.security@samsung.com" ,
"published" : "2023-12-05T03:15:16.230" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T08:22:47.790" ,
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-12-05 05:00:22 +00:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Integer overflow vulnerability in landmarkCopyImageToNative of libFacePreProcessingjni.camera.samsung.so prior to SMR Dec-2023 Release 1 allows attacker to trigger heap overflow."
2023-12-05 15:01:07 +00:00
} ,
{
"lang" : "es" ,
"value" : "Vulnerabilidad de desbordamiento de enteros en LandmarkCopyImageToNative de libFacePreProcessingjni.camera.samsung.so antes de SMR Dec-2023 Release 1 permite al atacante desencadenar un desbordamiento del heap."
2023-12-05 05:00:22 +00:00
}
] ,
"metrics" : {
"cvssMetricV31" : [
2023-12-08 21:00:22 +00:00
{
2024-12-08 03:06:42 +00:00
"source" : "mobile.security@samsung.com" ,
"type" : "Secondary" ,
2023-12-08 21:00:22 +00:00
"cvssData" : {
"version" : "3.1" ,
2024-12-08 03:06:42 +00:00
"vectorString" : "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" ,
"baseScore" : 6.7 ,
"baseSeverity" : "MEDIUM" ,
2023-12-08 21:00:22 +00:00
"attackVector" : "LOCAL" ,
2024-12-08 03:06:42 +00:00
"attackComplexity" : "HIGH" ,
2023-12-08 21:00:22 +00:00
"privilegesRequired" : "LOW" ,
2024-12-08 03:06:42 +00:00
"userInteraction" : "REQUIRED" ,
2023-12-08 21:00:22 +00:00
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "HIGH"
2023-12-08 21:00:22 +00:00
} ,
2024-12-08 03:06:42 +00:00
"exploitabilityScore" : 0.8 ,
2023-12-08 21:00:22 +00:00
"impactScore" : 5.9
} ,
2023-12-05 05:00:22 +00:00
{
2024-12-08 03:06:42 +00:00
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
2023-12-05 05:00:22 +00:00
"cvssData" : {
"version" : "3.1" ,
2024-12-08 03:06:42 +00:00
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" ,
"baseScore" : 7.8 ,
"baseSeverity" : "HIGH" ,
2023-12-05 05:00:22 +00:00
"attackVector" : "LOCAL" ,
2024-12-08 03:06:42 +00:00
"attackComplexity" : "LOW" ,
2023-12-05 05:00:22 +00:00
"privilegesRequired" : "LOW" ,
2024-12-08 03:06:42 +00:00
"userInteraction" : "NONE" ,
2023-12-05 05:00:22 +00:00
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "HIGH"
2023-12-05 05:00:22 +00:00
} ,
2024-12-08 03:06:42 +00:00
"exploitabilityScore" : 1.8 ,
2023-12-05 05:00:22 +00:00
"impactScore" : 5.9
}
]
} ,
2023-12-08 21:00:22 +00:00
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-190"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:samsung:android:*:*:*:*:*:*:*:*" ,
"versionStartIncluding" : "12.0" ,
"versionEndExcluding" : "14.0" ,
"matchCriteriaId" : "B15E2F17-4050-4D0C-AA18-15D97D0D446F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:samsung:android:14.0:-:*:*:*:*:*:*" ,
"matchCriteriaId" : "3093F6FE-C562-4F62-97B7-CA0D2DDF9BBE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:samsung:android:14.0:smr-apr-2023-r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "DAB2A0D7-8F4F-4128-AE09-D2658D793BF7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:samsung:android:14.0:smr-aug-2023-r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "CC6E2FC7-2BAF-4C7B-9E0F-D9F844041A35"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:samsung:android:14.0:smr-dec-2022-r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "2A901EFE-90BA-474C-88D2-8A3E7D99C0E7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:samsung:android:14.0:smr-feb-2023-r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "FD8B9CD3-063E-481E-BE7C-1628ADA71849"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:samsung:android:14.0:smr-jan-2023-r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "9CE09EF7-B024-4D79-9400-C8223CDFBB86"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:samsung:android:14.0:smr-jul-2023-r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "3DD61EDA-98ED-4309-B54F-0CF8B7D07DC7"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:samsung:android:14.0:smr-jun-2023-r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "4ECB0B7A-590C-460C-878B-9A78CB37D259"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:samsung:android:14.0:smr-mar-2023-r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "EAFE015F-8130-4F10-A553-420F0BB2A132"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:samsung:android:14.0:smr-may-2023-r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "ACEA385E-3931-4438-A2A9-0357651F9B48"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:samsung:android:14.0:smr-nov-2022-r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "6DD1F78D-EA98-4825-A0EA-703196DDE5E4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:samsung:android:14.0:smr-nov-2023-r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "BDDB3FBE-99EC-4763-961B-2C436D864A1A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:samsung:android:14.0:smr-oct-2022-r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "1B02110E-71FB-495F-86CA-F2A4E55C0E42"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:samsung:android:14.0:smr-oct-2023-r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "931CC6D7-A42D-4482-B901-B539DFF89C3E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:samsung:android:14.0:smr-sep-2023-r1:*:*:*:*:*:*" ,
"matchCriteriaId" : "84ED2366-D4BA-4094-94AC-AD6E7AEBB6FF"
}
]
}
]
}
] ,
2023-12-05 05:00:22 +00:00
"references" : [
{
"url" : "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=12" ,
2023-12-08 21:00:22 +00:00
"source" : "mobile.security@samsung.com" ,
"tags" : [
"Vendor Advisory"
]
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=12" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Vendor Advisory"
]
2023-12-05 05:00:22 +00:00
}
]
}
