Lucene search

[email protected]CVE-2023-40218

HistorySep 12, 2023 - 3:15 p.m.

CVE-2023-40218

2023-09-1215:15:23

CWE-190

[email protected]

web.nvd.nist.gov

samsung

exynos

npu

kernel driver

integer overflow

error detection

cve-2023-40218

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

4.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.9%

JSON

An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980, 2100, 2200, 1280, and 1380. An integer overflow can bypass detection of error cases via a crafted application.

Affected configurations

NVD

Node

samsungexynos_9820Match-

AND

samsungexynos_9820_firmwareMatch-

Node

samsungexynos_980Match-

AND

samsungexynos_980_firmwareMatch-

Node

samsungexynos_2100Match-

AND

samsungexynos_2100_firmwareMatch-

Node

samsungexynos_2200Match-

AND

samsungexynos_2200_firmwareMatch-

Node

samsungexynos_1280Match-

AND

samsungexynos_1280_firmwareMatch-

Node

samsungexynos_1380Match-

AND

samsungexynos_1380_firmwareMatch-

CPENameOperatorVersion
samsung:exynos_9820_firmwaresamsung exynos 9820 firmwareeq-

CPE	Name	Operator	Version
samsung:exynos_9820_firmware	samsung exynos 9820 firmware	eq	-

References

semiconductor.samsung.com/support/quality-support/product-security-updates/

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

4.3 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.9%

JSON

Related for CVE-2023-40218

nvd1 prion1 cvelist1