CVSS: 7.5EPSS: 0%CPEs: 32EXPL: 0CVE-2023-41112
https://notcve.org/view.php?id=CVE-2023-41112
An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). A buffer copy, without checking the size of the input, can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module. Se descubrió un problema en Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300 y Auto T5123). Una copia del búfer, sin comprobar el tamaño de la entrada, puede provocar una terminación anormal de un teléfono móvil. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 32EXPL: 0CVE-2023-41111
https://notcve.org/view.php?id=CVE-2023-41111
An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). Improper handling of a length parameter inconsistency can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module. Se descubrió un problema en Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300 y Auto T5123). El manejo inadecuado de la inconsistencia de un parámetro de longitud puede causar una terminación anormal de un teléfono móvil. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 32EXPL: 0CVE-2023-37368
https://notcve.org/view.php?id=CVE-2023-37368
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet. Se descubrió un problema en el Procesador Móvil, el Procesador Automotive y el Módem Exynos de Samsung (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, y Exynos Auto T5123). En la tarea MM de Shannon, la falta de validación de un puntero NULL puede provocar una terminación anormal a través de un paquete NR MM con formato malformado. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-476: NULL Pointer Dereference •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2023-36481
https://notcve.org/view.php?id=CVE-2023-36481
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop. • https://semiconductor.samsung.com/support/quality-support/product-security-updates • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 0CVE-2021-25415
https://notcve.org/view.php?id=CVE-2021-25415
Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable. Asumiendo que EL1 esté comprometido, una comprobación de direcciones inapropiada en RKP versiones anteriores a SMR JUN-2021 Release 1, permite a atacantes locales reasignar la memoria del EL2 como escribible • https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=6 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •