CVE-2017-18689
https://notcve.org/view.php?id=CVE-2017-18689
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos5433, Exynos7420, or Exynos7870 chipsets) software. An attacker can bypass a ko (aka Kernel Module) signature by modifying the count of kernel modules. The Samsung ID is SVE-2016-7466 (January 2017). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0) y N(7.0) (Exynos5433, Exynos7420 o Exynos7870). Un atacante puede omitir una firma ko (también se conoce como Módulo Kernel) al modificar el conteo de módulos del kernel. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-354: Improper Validation of Integrity Check Value •
CVE-2017-18690
https://notcve.org/view.php?id=CVE-2017-18690
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) (Exynos54xx, Exynos7420, Exynos8890, or Exynos8895 chipsets) software. There is a buffer overflow in the sensor hub. The Samsung ID is SVE-2016-7484 (January 2017). Se detectó un problema en dispositivos móviles Samsung con versiones de software KK(4.4), L(5.0 / 5.1), M(6.0) y N(7.0) (Exynos54xx, Exynos7420, Exynos8890 o Exynos8895). Se presenta un desbordamiento del búfer en el sensor hub. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2017-18691
https://notcve.org/view.php?id=CVE-2017-18691
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos8890 chipsets) software. There are multiple Buffer Overflows in TSP sysfs cmd_store. The Samsung ID is SVE-2016-7500 (January 2017). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0) y N(7.0) (chipsets Exynos8890). Se presentan múltiples desbordamientos de búfer en TSP sysfs cmd_store. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2017-18692
https://notcve.org/view.php?id=CVE-2017-18692
An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (MSM8939, MSM8996, MSM8998, Exynos7580, Exynos8890, or Exynos8895 chipsets) software. There is a race condition, with a resultant buffer overflow, in the sec_ts touchscreen sysfs interface. The Samsung ID is SVE-2016-7501 (January 2017). Se detectó un problema en dispositivos móviles Samsung con versiones de software M(6.0) y N(7.0) (MSM8939, MSM8996, MSM8998, Exynos7580, Exynos8890 o Exynos8895). Se presenta una condición de carrera, con un desbordamiento del búfer resultante, en la interfaz sysfs de la pantalla táctil de sec_ts. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2017-18694
https://notcve.org/view.php?id=CVE-2017-18694
An issue was discovered on Samsung mobile devices with software through 2016-10-25 (Exynos5 chipsets). Attackers can read kernel addresses in the log because an incorrect format specifier is used. The Samsung ID is SVE-2016-7551 (January 2017). Se detectó un problema en dispositivos móviles Samsung con versiones de software hasta el 25-10-2016 (chipsets Exynos5). Los atacantes pueden leer las direcciones del kernel en el registro porque es usado un especificador de formato incorrecto. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •