6.2

CVE-2025-31712

In cplog service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
GoogleAndroid Version13.0
   UnisocS8000 Version-
   UnisocSc7731e Version-
   UnisocSc9832e Version-
   UnisocSc9863a Version-
   UnisocT310 Version-
   UnisocT606 Version-
   UnisocT610 Version-
   UnisocT612 Version-
   UnisocT616 Version-
   UnisocT618 Version-
   UnisocT750 Version-
   UnisocT760 Version-
   UnisocT765 Version-
   UnisocT770 Version-
   UnisocT820 Version-
   UnisocT8300 Version-
   UnisocT9300 Version-
GoogleAndroid Version14.0
   UnisocS8000 Version-
   UnisocSc7731e Version-
   UnisocSc9832e Version-
   UnisocSc9863a Version-
   UnisocT310 Version-
   UnisocT606 Version-
   UnisocT610 Version-
   UnisocT612 Version-
   UnisocT616 Version-
   UnisocT618 Version-
   UnisocT750 Version-
   UnisocT760 Version-
   UnisocT765 Version-
   UnisocT770 Version-
   UnisocT820 Version-
   UnisocT8300 Version-
   UnisocT9300 Version-
GoogleAndroid Version15.0
   UnisocS8000 Version-
   UnisocSc7731e Version-
   UnisocSc9832e Version-
   UnisocSc9863a Version-
   UnisocT310 Version-
   UnisocT606 Version-
   UnisocT610 Version-
   UnisocT612 Version-
   UnisocT616 Version-
   UnisocT618 Version-
   UnisocT750 Version-
   UnisocT760 Version-
   UnisocT765 Version-
   UnisocT770 Version-
   UnisocT820 Version-
   UnisocT8300 Version-
   UnisocT9300 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.01% 0.019
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.2 2.5 3.6
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
security@unisoc.com 5.1 2.5 2.5
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.