Search

Find a vulnerability

Search criteria

    8 vulnerabilities found for T606/T612/T616 by Unisoc (Shanghai) Technologies Co., Ltd.

    CVE-2023-42731 (GCVE-0-2023-42731)

    Vulnerability from nvd – Published: 2023-12-04 00:54 – Updated: 2024-12-02 18:07
    VLAI
    Summary
    In Gnss service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. T606/T612/T616 Affected: Android11/Android12/Android13
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:30:24.245Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-42731",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-02T18:07:44.386719Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-02T18:07:54.278Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "T606/T612/T616",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android11/Android12/Android13"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Gnss service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-04T00:54:18.885Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-42731",
        "datePublished": "2023-12-04T00:54:18.885Z",
        "dateReserved": "2023-09-13T07:40:40.037Z",
        "dateUpdated": "2024-12-02T18:07:54.278Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-42719 (GCVE-0-2023-42719)

    Vulnerability from nvd – Published: 2023-12-04 00:54 – Updated: 2024-10-11 17:54
    VLAI
    Summary
    In video service, there is a possible out of bounds read due to a incorrect bounds check. This could lead to local denial of service with no additional execution privileges needed
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:30:23.301Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-42719",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T17:51:25.583862Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T17:54:53.592Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "T606/T612/T616",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In video service, there is a possible out of bounds read due to a incorrect bounds check. This could lead to local denial of service with no additional execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-04T00:54:15.508Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-42719",
        "datePublished": "2023-12-04T00:54:15.508Z",
        "dateReserved": "2023-09-13T07:40:40.034Z",
        "dateUpdated": "2024-10-11T17:54:53.592Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-40652 (GCVE-0-2023-40652)

    Vulnerability from nvd – Published: 2023-10-08 03:36 – Updated: 2024-09-19 18:09
    VLAI
    Summary
    In jpg driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:51.211Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40652",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T18:08:26.397626Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T18:09:40.765Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "T606/T612/T616",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android11"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In jpg driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-08T03:36:04.349Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-40652",
        "datePublished": "2023-10-08T03:36:04.349Z",
        "dateReserved": "2023-08-18T02:28:08.634Z",
        "dateUpdated": "2024-09-19T18:09:40.765Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-40632 (GCVE-0-2023-40632)

    Vulnerability from nvd – Published: 2023-10-08 03:35 – Updated: 2024-09-19 18:40
    VLAI
    Summary
    In jpg driver, there is a possible use after free due to a logic error. This could lead to remote information disclosure no additional execution privileges needed
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. T606/T612/T616 Affected: Android13
    Create a notification for this product.
    unisoc t606 Affected: android13
        cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t612 Affected: Android13
        cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t616 Affected: Android13
        cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.975Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "t606",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "t612",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "Android13"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "t616",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "Android13"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40632",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T18:36:23.008721Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T18:40:15.360Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "T606/T612/T616",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android13"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In jpg driver, there is a possible use after free due to a logic error. This could lead to remote information disclosure no additional execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-08T03:35:58.116Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-40632",
        "datePublished": "2023-10-08T03:35:58.116Z",
        "dateReserved": "2023-08-18T02:28:08.631Z",
        "dateUpdated": "2024-09-19T18:40:15.360Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-42731 (GCVE-0-2023-42731)

    Vulnerability from cvelistv5 – Published: 2023-12-04 00:54 – Updated: 2024-12-02 18:07
    VLAI
    Summary
    In Gnss service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. T606/T612/T616 Affected: Android11/Android12/Android13
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:30:24.245Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-42731",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-12-02T18:07:44.386719Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-12-02T18:07:54.278Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "T606/T612/T616",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android11/Android12/Android13"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In Gnss service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-04T00:54:18.885Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-42731",
        "datePublished": "2023-12-04T00:54:18.885Z",
        "dateReserved": "2023-09-13T07:40:40.037Z",
        "dateUpdated": "2024-12-02T18:07:54.278Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-42719 (GCVE-0-2023-42719)

    Vulnerability from cvelistv5 – Published: 2023-12-04 00:54 – Updated: 2024-10-11 17:54
    VLAI
    Summary
    In video service, there is a possible out of bounds read due to a incorrect bounds check. This could lead to local denial of service with no additional execution privileges needed
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T19:30:23.301Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-42719",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-11T17:51:25.583862Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-11T17:54:53.592Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "T606/T612/T616",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android12"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In video service, there is a possible out of bounds read due to a incorrect bounds check. This could lead to local denial of service with no additional execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-12-04T00:54:15.508Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-42719",
        "datePublished": "2023-12-04T00:54:15.508Z",
        "dateReserved": "2023-09-13T07:40:40.034Z",
        "dateUpdated": "2024-10-11T17:54:53.592Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-40652 (GCVE-0-2023-40652)

    Vulnerability from cvelistv5 – Published: 2023-10-08 03:36 – Updated: 2024-09-19 18:09
    VLAI
    Summary
    In jpg driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:51.211Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40652",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T18:08:26.397626Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T18:09:40.765Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "T606/T612/T616",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android11"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In jpg driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-08T03:36:04.349Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-40652",
        "datePublished": "2023-10-08T03:36:04.349Z",
        "dateReserved": "2023-08-18T02:28:08.634Z",
        "dateUpdated": "2024-09-19T18:09:40.765Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-40632 (GCVE-0-2023-40632)

    Vulnerability from cvelistv5 – Published: 2023-10-08 03:35 – Updated: 2024-09-19 18:40
    VLAI
    Summary
    In jpg driver, there is a possible use after free due to a logic error. This could lead to remote information disclosure no additional execution privileges needed
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    Assigner
    Impacted products
    Vendor Product Version
    Unisoc (Shanghai) Technologies Co., Ltd. T606/T612/T616 Affected: Android13
    Create a notification for this product.
    unisoc t606 Affected: android13
        cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t612 Affected: Android13
        cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*
    Create a notification for this product.
    unisoc t616 Affected: Android13
        cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T18:38:50.975Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t606:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "t606",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "android13"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t612:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "t612",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "Android13"
                  }
                ]
              },
              {
                "cpes": [
                  "cpe:2.3:h:unisoc:t616:-:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unaffected",
                "product": "t616",
                "vendor": "unisoc",
                "versions": [
                  {
                    "status": "affected",
                    "version": "Android13"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-40632",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-19T18:36:23.008721Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-19T18:40:15.360Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "T606/T612/T616",
              "vendor": "Unisoc (Shanghai) Technologies Co., Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "Android13"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In jpg driver, there is a possible use after free due to a logic error. This could lead to remote information disclosure no additional execution privileges needed"
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-08T03:35:58.116Z",
            "orgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
            "shortName": "Unisoc"
          },
          "references": [
            {
              "url": "https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "63f92e9c-2193-4c24-98a9-93640392c3d3",
        "assignerShortName": "Unisoc",
        "cveId": "CVE-2023-40632",
        "datePublished": "2023-10-08T03:35:58.116Z",
        "dateReserved": "2023-08-18T02:28:08.631Z",
        "dateUpdated": "2024-09-19T18:40:15.360Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }