Page 3 of 25 results (0.002 seconds)

CVSS: 7.5EPSS: 0%CPEs: 32EXPL: 0

An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet. Se descubrió un problema en el Procesador Móvil, el Procesador Automotive y el Módem Exynos de Samsung (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, y Exynos Auto T5123). En la tarea MM de Shannon, la falta de validación de un puntero NULL puede provocar una terminación anormal a través de un paquete NR MM con formato malformado. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0

An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 6.2EPSS: 0%CPEs: 4EXPL: 0

A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations. Una posible vulnerabilidad de condición de carrera en score driver versiones anteriores a SMR Jul-2022 Release 1, puede permitir a atacantes locales intercalar operaciones maliciosas • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=7 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 0

A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise. Una falta de comprobación de entradas en HDCP LDFW versiones anteriores a 1 de SMR Nov-2021, permite a atacantes sobrescribir TZASC, lo que permite comprometer el TEE • https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=11 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •

CVSS: 6.7EPSS: 0%CPEs: 6EXPL: 0

An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution. Una vulnerabilidad de comprobación inapropiada de la entrada en NPU versiones de firmware anteriores a SMR MAY-2021 Release 1, permite una escritura de memoria arbitraria y una ejecución de código • https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=5 • CWE-787: Out-of-bounds Write •