CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-27385
https://notcve.org/view.php?id=CVE-2024-27385
09 Jul 2024 — A vulnerability was discovered in the slsi_handle_nan_rx_event_log_ind function in Samsung Mobile Processor Exynos 1380 and Exynos 1480 related to no input validation check on tag_len for rx coming from userspace, which can lead to heap overwrite. Se descubrió una vulnerabilidad en la función slsi_handle_nan_rx_event_log_ind en Samsung Mobile Processor Exynos 1380 y Exynos 1480 relacionada con la falta de verificación de validación de entrada en tag_len para rx provenientes del espacio de usuario, lo que pu... • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-20: Improper Input Validation •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2024-27386
https://notcve.org/view.php?id=CVE-2024-27386
09 Jul 2024 — A vulnerability was discovered in the slsi_handle_nan_rx_event_log_ind function in Samsung Mobile Processor Exynos 1380 and Exynos 1480 related to no input validation check on tag_len for tx coming from userspace, which can lead to heap overwrite. Se descubrió una vulnerabilidad en la función slsi_handle_nan_rx_event_log_ind en Samsung Mobile Processor Exynos 1380 y Exynos 1480 relacionada con la falta de verificación de validación de entrada en tag_len para tx provenientes del espacio de usuario, lo que pu... • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-20: Improper Input Validation •
CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2024-32504
https://notcve.org/view.php?id=CVE-2024-32504
13 Jun 2024 — An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper length checking, which can result in an OOB (Out-of-Bounds) Write vulnerability. Se descubrió un problema en el procesador móvil y el procesador portátil Samsung Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. El procesador móvil carece de una c... • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-787: Out-of-bounds Write •
CVSS: 8.4EPSS: 0%CPEs: 8EXPL: 0CVE-2024-32503
https://notcve.org/view.php?id=CVE-2024-32503
07 Jun 2024 — An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper memory deallocation checking, which can result in a UAF (Use-After-Free) vulnerability. Se descubrió un problema en el procesador móvil y en el procesador portátil Samsung Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. El procesador móvil carec... • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-762: Mismatched Memory Management Routines •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2024-27371
https://notcve.org/view.php?id=CVE-2024-27371
05 Jun 2024 — An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_followup_get_nl_params(), there is no input validation check on hal_req->service_specific_info_len coming from userspace, which can lead to a heap overwrite. Se descubrió un problema en el procesador móvil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la función slsi_nan_followup_get_nl_params(), no hay ninguna verificación de validación... • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-787: Out-of-bounds Write CWE-1288: Improper Validation of Consistency within Input •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2024-27373
https://notcve.org/view.php?id=CVE-2024-27373
05 Jun 2024 — An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on disc_attr->mesh_id_len coming from userspace, which can lead to a heap overwrite. Se descubrió un problema en el procesador móvil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la función slsi_nan_config_get_nl_params(), no hay ninguna verificación de validación de entrada en d... • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2024-27374
https://notcve.org/view.php?id=CVE-2024-27374
05 Jun 2024 — An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_publish_get_nl_params(), there is no input validation check on hal_req->service_specific_info_len coming from userspace, which can lead to a heap overwrite. Se descubrió un problema en el procesador móvil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la función slsi_nan_publish_get_nl_params(), no hay ninguna verificación de validación d... • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2024-27375
https://notcve.org/view.php?id=CVE-2024-27375
05 Jun 2024 — An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_followup_get_nl_params(), there is no input validation check on hal_req->sdea_service_specific_info_len coming from userspace, which can lead to a heap overwrite. Se descubrió un problema en el procesador móvil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la función slsi_nan_followup_get_nl_params(), no hay ninguna verificación de valid... • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-787: Out-of-bounds Write CWE-1288: Improper Validation of Consistency within Input •
CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0CVE-2024-27372
https://notcve.org/view.php?id=CVE-2024-27372
05 Jun 2024 — An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on disc_attr->infrastructure_ssid_len coming from userspace, which can lead to a heap overwrite. Se descubrió un problema en el procesador móvil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la función slsi_nan_config_get_nl_params(), no hay ninguna verificación de validación de ... • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 10EXPL: 0CVE-2024-27377
https://notcve.org/view.php?id=CVE-2024-27377
05 Jun 2024 — An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_get_security_info_nl(), there is no input validation check on sec_info->key_info.body.pmk_info.pmk_len coming from userspace, which can lead to a heap overwrite. Se descubrió un problema en el procesador móvil Samsung Exynos 980, Exynos 850, Exynos 1280, Exynos 1380 y Exynos 1330. En la función slsi_nan_get_security_info_nl(), no hay ninguna verificación de validaci... • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-787: Out-of-bounds Write •