CVE-2022-39854
https://notcve.org/view.php?id=CVE-2022-39854
Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory. Una protección inapropiada en IOMMU versiones anteriores a SMR Oct-2022 Release 1, permite el acceso no autorizado a la memoria segura • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10 • CWE-284: Improper Access Control •
CVE-2022-26475
https://notcve.org/view.php?id=CVE-2022-26475
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310743; Issue ID: ALPS07310743. En wlan, se presenta una posible escritura fuera de límites debido a una falta de comprobación de límites. • https://corp.mediatek.com/product-security-bulletin/October-2022 • CWE-787: Out-of-bounds Write •
CVE-2022-39862
https://notcve.org/view.php?id=CVE-2022-39862
Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and 3.3.03.66 in Android S(12) allows unauthorized use of javascript interface api. Una autorización inapropiada en Dynamic Lockscreen versiones anteriores a SMR Sep-2022 Release 1 en Android R(11) y 3.3.03.66 en Android S(12) permite un uso no autorizado de la interfaz api de javascript • https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=10 • CWE-285: Improper Authorization •
CVE-2022-39855
https://notcve.org/view.php?id=CVE-2022-39855
Improper access control vulnerability in FACM application prior to SMR Oct-2022 Release 1 allows a local attacker to connect arbitrary AP and Bluetooth devices. Una vulnerabilidad de control de acceso inapropiada en la aplicación FACM versiones anteriores a SMR Oct-2022 Release 1, permite a un atacante local conectar dispositivos AP y Bluetooth arbitrarios • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10 • CWE-284: Improper Access Control •
CVE-2022-39847
https://notcve.org/view.php?id=CVE-2022-39847
Use after free vulnerability in set_nft_pid and signal_handler function of NFC driver prior to SMR Oct-2022 Release 1 allows attackers to perform malicious actions. Una vulnerabilidad de uso de memoria previamente liberada en la función set_nft_pid y signal_handler del controlador NFC versiones anteriores a SMR Oct-2022 Release 1, permite a atacantes llevar a cabo acciones maliciosas • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10 • CWE-416: Use After Free •