Lucene search

MitreCVE-2023-40353

HistorySep 08, 2023 - 3:15 a.m.

CVE-2023-40353

2023-09-0803:15:08

CWE-190

mitre

web.nvd.nist.gov

exynos

mobile processor

integer overflow

buffer index

cve-2023-40353

nvd

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

AI Score

4.7

Confidence

High

EPSS

Percentile

12.8%

JSON

An issue was discovered in Exynos Mobile Processor 980 and 2100. An integer overflow at a buffer index can prevent the execution of requested services via a crafted application.

Affected configurations

Nvd

Node

samsungexynos_980_firmwareMatch-

AND

samsungexynos_980Match-

Node

samsungexynos_2100_firmwareMatch-

AND

samsungexynos_2100Match-

VendorProductVersionCPE
samsungexynos_980_firmware-cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*
samsungexynos_980-cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*
samsungexynos_2100_firmware-cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*
samsungexynos_2100-cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
samsung	exynos_980_firmware	-	cpe:2.3:o:samsung:exynos_980_firmware:-:::::::*
samsung	exynos_980	-	cpe:2.3:h:samsung:exynos_980:-:::::::*
samsung	exynos_2100_firmware	-	cpe:2.3:o:samsung:exynos_2100_firmware:-:::::::*
samsung	exynos_2100	-	cpe:2.3:h:samsung:exynos_2100:-:::::::*

References

semiconductor.samsung.com/support/quality-support/product-security-updates/

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

AI Score

4.7

Confidence

High

EPSS

Percentile

12.8%

JSON

Related for CVE-2023-40353