First published: Mon Apr 11 2022(Updated: )
Null pointer dereference vulnerability in parser_colr function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.
Credit: mobile.security@samsung.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | =10.0 | |
Google Android | =11.0 | |
Google Android | =12.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-26095 is a null pointer dereference vulnerability in the parser_colr function in the libsimba library prior to SMR Apr-2022 Release 1.
CVE-2022-26095 allows a remote attacker to perform an out-of-bounds write in the libsimba library.
CVE-2022-26095 affects Google Android versions 10.0, 11.0, and 12.0.
CVE-2022-26095 has a severity rating of critical with a CVSS score of 9.8.
A fix for CVE-2022-26095 is included in the SMR Apr-2022 Release 1.