VYPR
Unrated severity · NVD Advisory · Published Jul 6, 2023 · Updated Oct 29, 2024

CVE-2023-30666

Description

Improper input validation vulnerability in DoOemImeiSetPreconfig in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Improper input validation in Samsung libsec-ril's DoOemImeiSetPreconfig allows local attackers to trigger an out-of-bounds write, fixed in SMR Jul-2023 Release 1.

Vulnerability

An improper input validation vulnerability exists in the DoOemImeiSetPreconfig function within libsec-ril on Samsung devices. The issue affects versions prior to SMR (Security Maintenance Release) Jul-2023 Release 1. The function fails to properly validate its input, leading to an out-of-bounds write when it processes crafted data.

Exploitation

An attacker with local access to the device can exploit this vulnerability by supplying specially crafted input to the DoOemImeiSetPreconfig function. No additional privileges or user interaction are required beyond local access. The attacker can trigger the out-of-bounds write by invoking the vulnerable code path with malicious parameters.

Impact

Successful exploitation results in an out-of-bounds write, which can corrupt adjacent memory. This may lead to denial of service, information disclosure, or potentially arbitrary code execution in the context of the RIL (Radio Interface Layer) process, depending on the memory layout and system state.

Mitigation

The vulnerability is fixed in Samsung's SMR Jul-2023 Release 1, published in July 2023 [1]. Users should update their devices to the latest security patch level. No workarounds are available for unpatched versions.

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2

References

1
