CVE-2019-20610
https://notcve.org/view.php?id=CVE-2019-20610
An issue was discovered on Samsung mobile devices with N(7.X) and O(8.X) (Exynos 7570, 7870, 7880, 7885, 8890, 8895, and 9810 chipsets) software. A double-fetch vulnerability in Trustlet allows arbitrary TEE code execution. The Samsung ID is SVE-2019-13910 (April 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.X) y O(8.X) (Exynos 7570, 7870, 7880, 7885, 8890, 8895 y 9810). Una vulnerabilidad de doble extracción en Trustlet permite una ejecución arbitraria de código TEE. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVE-2019-20608
https://notcve.org/view.php?id=CVE-2019-20608
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. An attacker can use Emergency mode to disable features. The Samsung IDs are SVE-2018-13164, SVE-2018-13165 (April 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x), O(8.x) y P(9.0). Un atacante puede usar el modo Emergency para deshabilitar las funciones. • https://security.samsungmobile.com/securityUpdate.smsb •
CVE-2019-20607
https://notcve.org/view.php?id=CVE-2019-20607
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890, and Exynos8895 chipsets) software. A heap overflow in the keymaster Trustlet allows attackers to write to TEE memory, and achieve arbitrary code execution. The Samsung ID is SVE-2019-14126 (May 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x), O(8.x) y P(9.0) (MSM8996, MSM8998, Exynos7420, Exynos7870, Exynos8890 y Exynos8895). Un desbordamiento de pila (heap) en el keymaster Trustlet permite a atacantes escribir en la memoria TEE y lograr una ejecución de código arbitrario. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •
CVE-2019-20605
https://notcve.org/view.php?id=CVE-2019-20605
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A heap overflow occurs for baseband in the Shannon modem. The Samsung ID is SVE-2019-14071 (May 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x), O(8.x) y P(9.0) (chipsets Exynos). Se produce un desbordamiento de pila (heap) para la banda base en el módem Shannon. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •
CVE-2019-20603
https://notcve.org/view.php?id=CVE-2019-20603
An issue was discovered on Samsung mobile devices with N(7.x), O(8.0), and P(9.0) (Qualcomm chipsets) software. The ESECOMM Trustlet has a NULL pointer dereference. The Samsung ID is SVE-2019-13950 (May 2019). Se detectó un problema en dispositivos móviles Samsung con versiones de software N(7.x), O(8.0) y P(9.0) (chipsets Qualcomm). El ESECOMM Trustlet presenta una desreferencia del puntero NULL. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-476: NULL Pointer Dereference •