CVE-2021-25407 – Samsung NPU npu_session_format Out-Of-Bounds Write
https://notcve.org/view.php?id=CVE-2021-25407
A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write. Una posible vulnerabilidad de escritura fuera de límites en NPU driver versiones anteriores a SMR JUN-2021 Release 1, permite una escritura arbitraria en la memoria Samsung NPU (Neural Processing Unit) suffers from an out-of-bounds write vulnerability in npu_session_format. • http://packetstormsecurity.com/files/163198/Samsung-NPU-npu_session_format-Out-Of-Bounds-Write.html https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=6 • CWE-787: Out-of-bounds Write •
CVE-2021-25372 – Samsung Mobile Devices Improper Boundary Check Vulnerability
https://notcve.org/view.php?id=CVE-2021-25372
An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access. Una comprobación inapropiada de límites en el controlador DSP versiones anteriores a SMR Mar-2021 Release 1, permite un acceso a la memoria fuera de límites. Samsung mobile devices contain an improper boundary check vulnerability within DSP driver that allows for out-of-bounds memory access. • https://security.samsungmobile.com https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •
CVE-2021-25371 – Samsung Mobile Devices Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2021-25371
A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP. Una vulnerabilidad en el controlador DSP versiones anteriores a SMR Mar-2021 Release 1, permite a atacantes cargar bibliotecas ELF arbitrarias dentro de DSP. Samsung mobile devices contain an unspecified vulnerability within DSP driver that allows attackers to load ELF libraries inside DSP. • https://security.samsungmobile.com https://security.samsungmobile.com/securityUpdate.smsb • CWE-912: Hidden Functionality •
CVE-2020-28343
https://notcve.org/view.php?id=CVE-2020-28343
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. The NPU driver allows attackers to execute arbitrary code because of unintended write and read operations on memory. The Samsung ID is SVE-2020-18610 (November 2020). Se detectó un problema en los dispositivos móviles Samsung con versiones de software P(9.0) y Q(10.0) (chipsets Exynos 980, 9820, y 9830). El controlador de NPU permite a atacantes ejecutar código arbitrario debido a operaciones de lectura y escritura involuntarias en memoria. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •