Lucene search

[email protected]NVD:CVE-2023-40218

HistorySep 12, 2023 - 3:15 p.m.

CVE-2023-40218

2023-09-1215:15:23

CWE-190

[email protected]

web.nvd.nist.gov

samsung

npu

kernel driver

integer overflow

bypass

error cases

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.9%

JSON

An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980, 2100, 2200, 1280, and 1380. An integer overflow can bypass detection of error cases via a crafted application.

Affected configurations

NVD

Node

samsungexynos_9820Match-

AND

samsungexynos_9820_firmwareMatch-

Node

samsungexynos_980Match-

AND

samsungexynos_980_firmwareMatch-

Node

samsungexynos_2100Match-

AND

samsungexynos_2100_firmwareMatch-

Node

samsungexynos_2200Match-

AND

samsungexynos_2200_firmwareMatch-

Node

samsungexynos_1280Match-

AND

samsungexynos_1280_firmwareMatch-

Node

samsungexynos_1380Match-

AND

samsungexynos_1380_firmwareMatch-

References

semiconductor.samsung.com/support/quality-support/product-security-updates/

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

4 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.9%

JSON

Related for NVD:CVE-2023-40218

prion1 cve1 cvelist1