CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-37377
https://notcve.org/view.php?id=CVE-2023-37377
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor (Exynos 980, Exynos 850, Exynos 2100, and Exynos W920). Improper handling of length parameter inconsistency can cause incorrect packet filtering. Se descubrió un problema en el Procesador Móvil Samsung Exynos y el Procesador Portátil (Exynos 980, Exynos 850, Exynos 2100 y Exynos W920). El manejo incorrecto de la incoherencia de los parámetros de longitud puede provocar un filtrado incorrecto de paquetes. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2023-36481
https://notcve.org/view.php?id=CVE-2023-36481
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 50EXPL: 0CVE-2023-21459
https://notcve.org/view.php?id=CVE-2023-21459
Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault. • https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03 • CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0CVE-2022-27834
https://notcve.org/view.php?id=CVE-2022-27834
Use after free vulnerability in dsp_context_unload_graph function of DSP driver prior to SMR Apr-2022 Release 1 allows attackers to perform malicious actions. La vulnerabilidad de Uso de memoria previamente liberada en la función dsp_context_unload_graph del controlador DSP versiones anteriores a SMR Apr-2022 Release 1, permite a atacantes llevar a cabo acciones maliciosas • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=4 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2022-27833
https://notcve.org/view.php?id=CVE-2022-27833
Improper input validation in DSP driver prior to SMR Apr-2022 Release 1 allows out-of-bounds write by integer overflow. Una comprobación de entrada inapropiada en el controlador DSP versiones anteriores a SMR Apr-2022 Release 1, permite una escritura fuera de límites por desbordamiento de enteros • https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=4 • CWE-20: Improper Input Validation CWE-190: Integer Overflow or Wraparound •