CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2018-21058
https://notcve.org/view.php?id=CVE-2018-21058
An issue was discovered on Samsung mobile devices with N(7.0), O(8.0) (exynos7420 or Exynos 8890/8996 chipsets) software. Cache attacks can occur against the Keymaster AES-GCM implementation because T-Tables are used; the Cryptography Extension (CE) is not used. The Samsung ID is SVE-2018-12761 (September 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.0), O(8.0) (exynos7420 o Exynos 8890/8996). Ataques de la memoria Caché pueden ocurrir contra la implementación Keymaster AES-GCM porque son usadas T-Tables; la Cryptography Extension (CE) no es usada. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21052
https://notcve.org/view.php?id=CVE-2018-21052
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is incorrect usage of shared memory in the vaultkeeper Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12855 (October 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x) y O(8.x) (chipsets Exynos). Se presenta un uso incorrecto de la memoria compartida en el Trustlet vaultkeeper, conllevando a una ejecución de código arbitraria. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21059
https://notcve.org/view.php?id=CVE-2018-21059
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) software. There is Clipboard content visibility in the locked state via the emergency contact picker. The Samsung ID is SVE-2018-11806 (September 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x) y O(8.x). Se presenta una visibilidad del contenido del Clipboard en el estado bloqueado por medio del selector de contactos de emergencia. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21051
https://notcve.org/view.php?id=CVE-2018-21051
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Exynos chipsets) software. There is an invalid free in the fingerprint Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12853 (October 2018). Se detectó un problema en dispositivos móviles Samsung con versión de software N(7.x) y O (8.x) (chipsets Exynos). Se presenta una liberación no válida en el Trustlet fingerprint, conllevando a una ejecución de código arbitraria. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2018-21050
https://notcve.org/view.php?id=CVE-2018-21050
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is a Buffer overflow in the esecomm Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12852 (October 2018). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x) y O(8.x) (chipsets Exynos). Se presenta un desbordamiento del Búfer en el Trustlet esecomm, conllevando a una ejecución de código arbitraria. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •