Code injection

Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator PRNG is used in situations where a Hardware Random Number Generator HRNG should have been used to prevent spoofing. This affects, for example, Samsung Galaxy S8, S8+, and Note8...

CVE-2020-6616

Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator PRNG is used in situations where a Hardware Random Number Generator HRNG should have been used to prevent spoofing. This affects, for example, Samsung Galaxy S8, S8+, and Note8...

Buffer Overflow Vulnerability in Multiple Samsung Products

The Samsung Galaxy S6, among others, is a smartphone from the South Korean company Samsung Samsung. A buffer overflow vulnerability exists in the baseband process in several Samsung products powered by the Shannon333 chipset. The vulnerability can be exploited by an attacker to execute code via a...

Stack overflow

An issue was discovered on Samsung mobile devices with software through 2015-11-12, affecting the Galaxy S6/S6 Edge, Galaxy S6 Edge+, and Galaxy Note5 with the Shannon333 chipset. There is a stack-based buffer overflow in the baseband process that is exploitable for remote code execution via a fa...

CVE-2015-8546

An issue was discovered on Samsung mobile devices with software through 2015-11-12, affecting the Galaxy S6/S6 Edge, Galaxy S6 Edge+, and Galaxy Note5 with the Shannon333 chipset. There is a stack-based buffer overflow in the baseband process that is exploitable for remote code execution via a fa...

CVE-2015-8546

Concrete details: CVE-2015-8546 affects Samsung mobile devices with Shannon333 baseband (Galaxy S6/S6 Edge/S6 Edge+/Note5) and firmware up to 2015-11-12. Vulnerability is a stack-based buffer overflow in the baseband process, enabling remote code execution via a fake base station. Exploitation st...

Privilege Escalation

kernel is vulnerable to privilege escalation. The i915 driver in drivers/char/drm/i915dma.c and sys/dev/pci/drm/i915drv.c does not restrict the DRMI915HWSADDR ioctl to the Direct Rendering Manager master, allowing for local privilege escalation. Note: the flaw only affects systems based on the...

Privilege Escalation

kernel is vulnerable to privilege escalation. A flaw in the DRM driver for Intel graphics cards that allowed a local user to access any part of the main memory. To access the DRM functionality a user must have access to the X server which is granted through the graphical login. This also only...

CVE-2018-21074

An issue was discovered on Samsung mobile devices with M6.x Exynos or Qualcomm chipsets software. There is information disclosure from a Trustlet via the debug log. The Samsung ID is SVE-2017-10638 April 2018...

CVE-2018-21066

An issue was discovered on Samsung mobile devices with M6.0 Exynos or MediaTek chipsets software. There is a buffer overflow in a Trustlet that can cause memory corruption. The Samsung ID is SVE-2018-11599 July 2018...

CVE-2018-21055

An issue was discovered on Samsung mobile devices with N7.0 Qualcomm models using MSM8996 chipsets software. A device can be rooted with a custom image to execute arbitrary scripts in the INIT context. The Samsung ID is SVE-2018-11940 September 2018...

CVE-2018-21090

An issue was discovered on Samsung mobile devices with software through 2017-11-03 S.LSI modem chipsets. The Exynos modem chipset has a baseband buffer overflow. The Samsung ID is SVE-2017-10745 January 2018...

Samsung Mobile Device Buffer Overflow Vulnerability (CNVD-2020-31531)

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. A buffer overflow vulnerability exists in the 'memcpy' function of the OTP service in Samsung mobile devices powered by the Exynos AP chipset, which stems from a failure to perform...

CVE-2017-18649

An issue was discovered on Samsung mobile devices with N7.x software. An attacker can boot a device with root privileges because the bootloader for the Qualcomm MSM8998 chipset lacks an integrity check of the system image, aka the "SamFAIL" issue. The Samsung ID is SVE-2017-10465 November 2017...

CVE-2016-11035

An issue was discovered on Samsung mobile devices with software through 2016-05-27 Exynos AP chipsets. A local graphics user can cause a Kernel Crash via the fb0DECON frame buffer interface. The Samsung ID is SVE-2016-7011 October 2016...

CVE-2019-20621

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos chipsets software. There is a baseband heap overflow. The Samsung ID is SVE-2018-13187 February 2019...

CVE-2019-20621

CVE-2019-20621 concerns a baseband heap overflow in Samsung mobile devices with Exynos baseband software (N(7.x), O(8.x), P(9.0)). Multiple feeds (Red Hat, CNVD, CVE lists, CVEs) reference the same issue; Samsung’s internal ID is SVE-2018-13187 (Feb 2019). The NVD entry cites a critical CVSS-3.1 ...

CVE-2019-20577

An issue was discovered on Samsung mobile devices with P9.0 Exynos chipsets software. The MALI GPU Driver allows a kernel panic. The Samsung ID is SVE-2019-14372 August 2019...

CVE-2019-20568

An issue was discovered on Samsung mobile devices with O8.x and P9.0 devices Exynos and Qualcomm chipsets software. A race condition causes a Use-After-Free. The Samsung ID is SVE-2019-15067 September 2019...

CVE-2019-20558

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos chipsets software. There is a Buffer Overflow in the Touch Screen Driver. The Samsung ID is SVE-2019-14990 October 2019...