How severe is CVE-2022-39908?

CVE-2022-39908 has a CVSS v3 score of 6.9 (MEDIUM).

CVE-2022-39908

Name: android
Author: google

6.9MEDIUM

TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write.

Published: 12/8/2022Updated: 11/21/2024

Description

TOCTOU vulnerability in Samsung decoding library for video thumbnails prior to SMR Dec-2022 Release 1 allows local attacker to perform Out-Of-Bounds Write.

AI AnalysisPowered by AI

Affected Products

googleandroid

10.0

googleandroid

11.0

googleandroid

12.0

googleandroid

13.0

References

https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=12
Vendor Advisory
https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=12
Vendor Advisory