CVE-2022-3349 – Sony PS4/PS5 exFAT UVFAT_readupcasetable heap-based overflow

https://notcve.org/view.php?id=CVE-2022-3349

A vulnerability was found in Sony PS4 and PS5. It has been classified as critical. This affects the function UVFAT_readupcasetable of the component exFAT Handler. The manipulation of the argument dataLength leads to heap-based buffer overflow. It is possible to launch the attack on the physical device. • https://hackerone.com/reports/1340942 https://vuldb.com/?id.209679 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •