CVE-2022-27567
Description
Null pointer dereference vulnerability in parser_hvcC function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attackers.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Null pointer dereference in parser_hvcC of libsimba prior to SMR Apr-2022 Release 1 allows remote out-of-bounds write.
Vulnerability
The vulnerability is a null pointer dereference in the parser_hvcC function of the libsimba library. This can lead to an out-of-bounds write. Affected versions are prior to SMR Apr-2022 Release 1 [1].
Exploitation
Remote attackers can exploit this vulnerability without authentication, as the description indicates it is exploitable by remote attackers [1]. No specific network position or user interaction is required beyond network access.
Impact
Successful exploitation results in an out-of-bounds write, which could lead to memory corruption or arbitrary code execution. The exact privilege level or scope of compromise is not detailed in the available references.
Mitigation
The vulnerability is fixed in SMR Apr-2022 Release 1 [1]. No workarounds are provided. There is no indication that this CVE is listed in the CISA Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: < SMR Apr-2022 Release 1
- Range: Q(10), R(11), S(12)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- security.samsungmobile.com/securityUpdate.smsbmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.