Lucene search

Samsung MobileCVELIST:CVE-2022-39853

HistoryOct 07, 2022 - 12:00 a.m.

CVE-2022-39853

2022-10-0700:00:00

CWE-416

Samsung Mobile

www.cve.org

vulnerability

perf-mgr driver

smr oct-2022

memory access fault

use after free

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

EPSS

Percentile

12.6%

JSON

A use after free vulnerability in perf-mgr driver prior to SMR Oct-2022 Release 1 allows attacker to cause memory access fault.

CNA Affected

[
  {
    "vendor": "Samsung Mobile",
    "product": "Samsung Mobile Devices",
    "versions": [
      {
        "version": "Q(10), R(11), S(12) devices with Qualcomm SM8150 and SM8250 chipsets",
        "status": "affected",
        "lessThan": "SMR Oct-2022 Release 1",
        "versionType": "custom"
      }
    ]
  }
]

References

security.samsungmobile.com/securityUpdate.smsb?year=2022&month=10

CVSS3

4.4

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2022-39853