CVE-2022-27574
Description
Improper input validation vulnerability in parser_iloc and sheifd_find_itemIndexin fuctions of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by privileged attacker.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Improper input validation in libsimba library prior to SMR Apr-2022 Release 1 allows out-of-bounds write by a privileged attacker.
Vulnerability
The libsimba library contains improper input validation in the parser_iloc and sheifd_find_itemIndexin functions. This vulnerability affects versions prior to SMR Apr-2022 Release 1. [1]
Exploitation
Exploitation requires privileged access to the device. The attacker can trigger the out-of-bounds write by providing crafted input to these functions.
Impact
Successful exploitation allows a privileged attacker to perform an out-of-bounds write, potentially leading to memory corruption or arbitrary code execution within the kernel context.
Mitigation
The issue is fixed in SMR Apr-2022 Release 1. Users should update to the latest security patch level. No workarounds are provided. [1]
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: < SMR Apr-2022 Release 1
- Range: Q(10), R(11), S(12)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- security.samsungmobile.com/securityUpdate.smsbmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.