CVE-2023-5447

EUVD-2023-57762
Missing lock check in SynHsaService may create a use-after-free condition which causes abnormal termination of the service, resulting in denial of service for the Synaptics Hardware Support App.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
SynapticsCNA
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
synapticsfingerprint_driver
6.0.0.1105 ≤
𝑥
< 6.0.64.1105
CNA
synapticsfingerprint_driver
6.0.0.1136 ≤
𝑥
< 6.0.39.1136
CNA
Common Weakness Enumeration
References
https://www.synaptics.com/sites/default/files/2023-10/fingerprint-driver-HSAService-security-brief-2023-10-13.pdf
https://www.synaptics.com/sites/default/files/2023-10/fingerprint-driver-HSAService-security-brief-2023-10-13.pdf