CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21072
https://notcve.org/view.php?id=CVE-2018-21072
08 Apr 2020 — An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) (Exynos chipsets) software. A kernel driver allows out-of-bounds Read/Write operations and possibly arbitrary code execution. The Samsung ID is SVE-2018-11358 (May 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0), N(7.x) y O(8.0) (chipsets Exynos). Un controlador del kernel permite operaciones de Lectura y Escritura fuera de límites y posiblemente una ejecución de código arbitraria... • https://security.samsungmobile.com/securityUpdate.smsb • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2018-21074
https://notcve.org/view.php?id=CVE-2018-21074
08 Apr 2020 — An issue was discovered on Samsung mobile devices with M(6.x) (Exynos or Qualcomm chipsets) software. There is information disclosure from a Trustlet via the debug log. The Samsung ID is SVE-2017-10638 (April 2018). Se detectó un problema en dispositivos móviles Samsung con versión de software M(6.x) (chipsets Exynos o Qualcomm). Se presenta una divulgación de información desde un Trustlet por medio del registro de depuración. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 2.4EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21077
https://notcve.org/view.php?id=CVE-2018-21077
08 Apr 2020 — An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.x) software. There is a Clipboard content disclosure in the locked state because the keyboard may be used during an emergency call. The Samsung ID is SVE-2017-11107 (April 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0), N(7.x) y O(8.x). Se presenta una divulgación de contenido del Clipboard en el estado bloqueado porque el teclado puede ser usado durante una llamada de emergencia. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21078
https://notcve.org/view.php?id=CVE-2018-21078
08 Apr 2020 — An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) software. The Contacts application allows attackers to originate video calls because SS (Supplementary Service) and USSD (Unstructured Supplementary Service Data) codes are improperly secured. The Samsung ID is SVE-2018-11469 (April 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0), N(7.x) y O(8.0). La aplicación Contacts permite a atacantes originar videollamadas porque los códigos... • https://security.samsungmobile.com/securityUpdate.smsb • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2018-21079
https://notcve.org/view.php?id=CVE-2018-21079
08 Apr 2020 — An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), N(7.x), and O(8.0) software. There is a kernel pointer leak in the USB gadget driver. The Samsung ID is SVE-2017-10993 (March 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software L(5.x), M(6.0), N(7.x) y O(8.0). Se presenta una fuga del puntero del kernel en el controlador del gadget USB. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21083
https://notcve.org/view.php?id=CVE-2018-21083
08 Apr 2020 — An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) (Exynos or Qualcomm chipsets) software. There is information disclosure (of a kernel address) via trustonic_tee. The Samsung ID is SVE-2017-11175 (February 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0), N(7.x) y O(8.0) (chipsets Exynos o Qualcomm). Se presenta una divulgación de información (de una dirección del kernel) por medio de trustonic_tee. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21084
https://notcve.org/view.php?id=CVE-2018-21084
08 Apr 2020 — An issue was discovered on Samsung mobile devices with L(5.1), M(6.0), and N(7.x) software. There is a race condition with a resultant read-after-free issue in get_kek. The Samsung ID is SVE-2017-11174 (February 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software L(5.1), M(6.0) y N(7.x). Se presenta una condición de carrera con un problema resultante de lectura de memoria previamente liberada en get_kek. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 0CVE-2018-21085
https://notcve.org/view.php?id=CVE-2018-21085
08 Apr 2020 — An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software. There is a race condition with a resultant use-after-free in vnswap_deinit_backing_storage. The Samsung ID is SVE-2017-11176 (February 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software L(5.x), M(6.0) y N(7.x). Se presenta una condición de carrera con un uso de la memoria previamente liberada resultante en vnswap_deinit_backing_storage. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 8.1EPSS: 0%CPEs: 11EXPL: 0CVE-2018-21086
https://notcve.org/view.php?id=CVE-2018-21086
08 Apr 2020 — An issue was discovered on Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software. There is a race condition with a resultant double free in vnswap_init_backing_storage. The Samsung ID is SVE-2017-11177 (February 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software L(5.x), M(6.0) y N(7.x). Se presenta una condición de carrera con una doble liberación resultante en vnswap_init_backing_storage. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-415: Double Free •
CVSS: 9.8EPSS: 0%CPEs: 12EXPL: 0CVE-2018-21087
https://notcve.org/view.php?id=CVE-2018-21087
08 Apr 2020 — An issue was discovered on Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software. There is a vnswap heap-based buffer overflow via the store function, with resultant privilege escalation. The Samsung ID is SVE-2017-10599 (January 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software L(5.x), M(6.x) y N(7.x). Se presenta un desbordamiento de búfer en la región heap de la memoria en vnswap por medio de la función store, con una escalada de privilegios resultante. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •