CVE-2022-23431
First published: Fri Feb 11 2022(Updated: )
An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.
Credit: mobile.security@samsung.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | =10.0 | |
| Google Android | =11.0 | |
| Google Android | =12.0 | |
| Samsung Exynos |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability?
The vulnerability is an improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 that allows arbitrary memory write and code execution.
What software versions are affected by CVE-2022-23431?
Google Android versions 10.0, 11.0, and 12.0 are affected by CVE-2022-23431.
What is the severity of CVE-2022-23431?
The severity of CVE-2022-23431 is medium with a severity value of 6.7.
How can I fix CVE-2022-23431?
To fix CVE-2022-23431, update to SMR Feb-2022 Release 1 or a newer version as provided by the vendor.
Where can I find more information about CVE-2022-23431?
You can find more information about CVE-2022-23431 at the following reference link: [Security Update from Samsung](https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=2)
- agent/severity
- agent/references
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/event
- agent/last-modified-date
- agent/tags
- agent/softwarecombine
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/mitre-cve
- source/MITRE
- vendor/google
- canonical/google android
- version/google android/10.0
- version/google android/11.0
- version/google android/12.0
- vendor/samsung
- canonical/samsung exynos