CVE-2023-5447

Missing lock check in SynHsaService may create a use-after-free condition which causes abnormal termination of the service, resulting in denial of service for the Synaptics Hardware Support App.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
SynapticsCNA
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CISA-ADPADP
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
Common Weakness Enumeration
References
https://www.synaptics.com/sites/default/files/2023-10/fingerprint-driver-HSAService-security-brief-2023-10-13.pdf
https://www.synaptics.com/sites/default/files/2023-10/fingerprint-driver-HSAService-security-brief-2023-10-13.pdf