165 matches found
CVE-2023-30697
An improper input validation in IpcTxCfgSetSimlockPayload in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write...
CVE-2023-30696
An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write...
CVE-2023-30696
Affected software: libsec-ril. Vulnerable component: IpcTxGetVerifyAkey. Root cause: improper input validation leading to an out-of-bounds write. Affected scope: Samsung SMR Aug-2023 Release 1 (before the release). Impact (as stated): out-of-bounds write that could be triggered locally. Exploitat...
CVE-2023-30696
An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write...
CVE-2023-30694
Out-of-bounds Write in IpcTxPcscTransmitApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code...
CVE-2023-30694
CVE-2023-30694 affects the libsec-ril component (IpcTxPcscTransmitApdu). The root cause is an out-of-bounds write in this function, allowing a local attacker to execute arbitrary code on vulnerable devices. Affected product scope is Samsung Mobile firmware prior to the SMR Aug-2023 Release 1. The...
CVE-2023-30694
Out-of-bounds Write in IpcTxPcscTransmitApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code...
CVE-2023-30693
Out-of-bounds Write in DoOemFactorySendFactoryBypassCommand of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code...
CVE-2023-30693
Out-of-bounds Write in DoOemFactorySendFactoryBypassCommand of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code...
CVE-2023-30693
CVE-2023-30693 concerns an out-of-bounds write in libsec-ril’s DoOemFactorySendFactoryBypassCommand. Multiple connected sources consistently describe this as a local privilege escalation/remote code execution vector, where a local attacker can execute arbitrary code due to a bounds check issue in...
CVE-2023-30689
Out-of-bounds Write in BuildOemEmbmsGetSigStrengthResponse of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code...
CVE-2023-30689
Out-of-bounds Write in BuildOemEmbmsGetSigStrengthResponse of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code...
CVE-2023-30689
CVE-2023-30689 affects Samsung Mobile devices, caused by an out-of-bounds write in libsec-ril’s BuildOemEmbmsGetSigStrengthResponse. A local attacker can trigger arbitrary code execution. Samsung fixed this in SMR Aug-2023 Release 1; update devices via the Samsung security bulletin. Exploitation ...
CVE-2023-30688
The CVE-2023-30688 entry covers an out-of-bounds write in MakeUiccAuthForOem of libsec-ril, reported for Samsung Mobile devices in the SMR Aug-2023 Release 1. The issue enables a local attacker to execute arbitrary code. Public references in the provided documents identify the affected component ...
CVE-2023-30688
Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code...
CVE-2023-30688
Out-of-bounds Write in MakeUiccAuthForOem of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code...
CVE-2023-30687
Out-of-bounds Write in RmtUimApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code...
CVE-2023-30687
CVE-2023-30687 is an out-of-bounds write in libsec-ril’s RmtUimApdu. The issue affects Samsung Mobile devices and is exploitable locally to run arbitrary code prior to SMR Aug-2023 Release 1. The advisory indicates that Samsung released updates in the SMR Aug-2023 Release 1 cycle to address this,...
CVE-2023-30687
Out-of-bounds Write in RmtUimApdu of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code...
CVE-2023-30686
Out-of-bounds Write in ReqDataRaw of libsec-ril prior to SMR Aug-2023 Release 1 allows local attacker to execute arbitrary code...