CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0CVE-2017-18692
https://notcve.org/view.php?id=CVE-2017-18692
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (MSM8939, MSM8996, MSM8998, Exynos7580, Exynos8890, or Exynos8895 chipsets) software. There is a race condition, with a resultant buffer overflow, in the sec_ts touchscreen sysfs interface. The Samsung ID is SVE-2016-7501 (January 2017). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0) y N(7.0) (MSM8939, MSM8996, MSM8998, Exynos7580, Exynos8890 o Exynos8895). Se presenta una condición de carrera, con un desbordamiento del búfer resultante, en la interfaz sysfs de la pantalla táctil de sec_ts. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-18696
https://notcve.org/view.php?id=CVE-2017-18696
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos7420, Exynos8890, or MSM8996 chipsets) software. RKP allows memory corruption. The Samsung ID is SVE-2016-7897 (January 2017). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0) y N(7.0) (Exynos7420, Exynos8890 o MSM8996). RKP permite una corrupción de la memoria. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 13EXPL: 0CVE-2019-20610
https://notcve.org/view.php?id=CVE-2019-20610
An issue was discovered on Samsung mobile devices with N(7.X) and O(8.X) (Exynos 7570, 7870, 7880, 7885, 8890, 8895, and 9810 chipsets) software. A double-fetch vulnerability in Trustlet allows arbitrary TEE code execution. The Samsung ID is SVE-2019-13910 (April 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.X) y O(8.X) (Exynos 7570, 7870, 7880, 7885, 8890, 8895 y 9810). Una vulnerabilidad de doble extracción en Trustlet permite una ejecución arbitraria de código TEE. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 0CVE-2019-20607
https://notcve.org/view.php?id=CVE-2019-20607
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890, and Exynos8895 chipsets) software. A heap overflow in the keymaster Trustlet allows attackers to write to TEE memory, and achieve arbitrary code execution. The Samsung ID is SVE-2019-14126 (May 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x), O(8.x) y P(9.0) (MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890 y Exynos8895). Un desbordamiento de pila (heap) en el keymaster Trustlet permite a atacantes escribir en la memoria TEE y lograr una ejecución de código arbitrario. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2019-20601
https://notcve.org/view.php?id=CVE-2019-20601
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos7570, 7580, 7870, 7880, and 8890 chipsets) software. RKP memory corruption causes an arbitrary write to protected memory. The Samsung ID is SVE-2019-13921-2 (May 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x), O(8.x) y P(9.0) (Exynos7570, 7580, 7870, 7880 y 8890). La corrupción de la memoria RKP provoca una escritura arbitraria en la memoria protegida. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •