Double free validation vulnerability in setPinPadImages in mPOS TUI trustlet prior to SMR May-2023 Release 1 allows local attackers to access the trustlet memory.
The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Android | Samsung | 13.0 | 13.0 |
Android | Samsung | 13.0 | 13.0 |
Android | Samsung | 13.0 | 13.0 |
Android | Samsung | 13.0 | 13.0 |
Android | Samsung | 13.0 | 13.0 |
Android | Samsung | 13.0 | 13.0 |
Android | Samsung | 13.0 | 13.0 |
Android | Samsung | 13.0 | 13.0 |