Lucene search

GoogleOSV:CVE-2022-40761

HistorySep 16, 2022 - 10:15 p.m.

CVE-2022-40761

2022-09-1622:15:12

Google

osv.dev

samsung

mtower

dos

vulnerability

software

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.8%

JSON

The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc.

CPENameOperatorVersion
mtowereq0.3.0
mtowereq0.1.0
mtowereq0.2.0

Name	Operator	Version
mtower	eq	0.3.0
mtower	eq	0.1.0
mtower	eq	0.2.0

References

github.com/Samsung/mTower/blob/efd36709306a9afcca5b4782499d01be0c7a02a5/tee/tee/tee_obj.c#L109

github.com/Samsung/mTower/blob/efd36709306a9afcca5b4782499d01be0c7a02a5/tee/tee/tee_svc_cryp.c#L1248

github.com/Samsung/mTower/issues/83

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

6.8 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.8%

JSON

Related for OSV:CVE-2022-40761