CVE-2022-23747
First published: Wed Aug 17 2022(Updated: )
In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback.
Credit: cve@checkpoint.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sony Xperia 1 Firmware | ||
| Sony Xperia 1 | ||
| Sony Xperia 5 Firmware | ||
| Sony Xperia 5 | ||
| Sony Xperia Pro Firmware | ||
| Sony Xperia Pro |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-23747?
CVE-2022-23747 is a vulnerability in Sony Xperia series 1, 5, and Pro that allows for an out-of-bound memory access during music playback.
Which devices are affected by CVE-2022-23747?
Sony Xperia series 1, 5, and Pro devices are affected by CVE-2022-23747.
What is the severity of CVE-2022-23747?
CVE-2022-23747 has a severity rating of 9.8 (Critical).
How can the out-of-bound memory access in CVE-2022-23747 be exploited?
The out-of-bound memory access in CVE-2022-23747 can be exploited by passing a large number of frames during music playback.
Are there any fixes or patches available for CVE-2022-23747?
It is recommended to update the firmware of the affected Sony Xperia devices to mitigate the vulnerability.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/sony
- canonical/sony xperia 1 firmware
- canonical/sony xperia 1
- canonical/sony xperia 5 firmware
- canonical/sony xperia 5
- canonical/sony xperia pro firmware
- canonical/sony xperia pro