CVE-2024-27371

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsinanfollowupgetnlparams, there is no input validation check on halreq-servicespecificinfolen coming from userspace, which can lead to a heap overwrite...

CVE-2023-49927

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not...

CVE-2024-27371

CVE-2024-27371 affects Samsung Mobile Processor Exynos 980, 850, 1280, 1380, and 1330. The issue is in the function slsi_nan_followup_get_nl_params() , where there is no input validation on the userspace-provided length hal_req->service_specific_info_len, which can lead to a heap overwrite . T...

CVE-2024-27381

CVE-2024-27381 affects Samsung Mobile Processor Exynos 980/850/1280/1380/1330. The issue is in the function slsi_send_action_frame_ut() where there is no input validation on len from userspace, enabling a heap over-read. Impact is labeled as Confidentiality HIGH and Availability HIGH, with Local ...

CVE-2023-49928

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not...

CVE-2024-28818

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 2400, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check states specifie...

CVE-2023-41111

CVE-2023-41111 affects Samsung Mobile Processor, Wearable Processor, Automotive Processor and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, Auto T5123). Root cause: improper handling of a length parameter inconsistency in the RLC...

PT-2023-27334 · Samsung · Samsung Mobile Processor Exynos

Name of the Vulnerable Software and Affected Versions: Samsung Exynos Mobile Processor versions 1280, 1380, 2100, 2200, 980, 9820 Description: An issue was discovered in the NPU kernel driver, allowing an integer overflow to bypass detection of error cases via a crafted application...

CVE-2023-40353

The CVE-2023-40353 issue affects Exynos Mobile Processor models 980 and 2100 where an integer overflow at a buffer index can prevent execution of requested services in a crafted app. Affected component: Exynos Mobile Processor firmware; root cause: integer overflow in buffer indexing. Impact: den...

CVE-2023-37377

CVE-2023-37377 affects Samsung Exynos Mobile Processor and Wearable Processor family (Exynos 980, 850, 2100, W920). The issue is improper handling of length parameter inconsistency that can lead to incorrect packet filtering. Public documents consistently describe the affected components and the ...

CVE-2023-37368

The CVE-2023-37368 issue affects Samsung Exynos Mobile/Automotive/Modem SoCs (multiple Exynos SKUs listed). In the Shannon MM Task, there is missing validation of a NULL pointer, which can cause abnormal termination via a malformed NR MM packet. Impact is denial of service due to crash; no explic...

PT-2023-25937 · Samsung · Exynos 2100 +3

Name of the Vulnerable Software and Affected Versions: Samsung Exynos Mobile Processor and Wearable Processor versions Exynos 980, Exynos 850, Exynos 2100, and Exynos W920 Description: An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor. Improper handling of length...

CVE-2023-36481

CVE-2023-36481 affects Samsung Exynos Mobile Processor and Wearable Processor family (models 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920). The issue is due to improper handling of PPP length parameter inconsistency, which can cause an infinite loop. Connected source...

CVE-2023-29092

An issue was discovered in Exynos Mobile Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, and Exynos 1080. Binding of a wrong resource can occur due to improper handling of parameters while binding a network interface...

CVE-2023-29092

CVE-2023-29092 affects Exynos Mobile Processor and Modem series (Exynos Modem 5123, 5300; Exynos 980; Exynos 1080). The vulnerability arises from improper handling of parameters during binding of a network interface, which can cause binding to a wrong resource. Documented impact indicates potenti...

CVE-2023-29086

The CVE-2023-29086 entry targets Samsung Exynos Mobile Processor, Automotive Processor and Modem families (Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, Exynos Auto T5123). The underlying issue is memory corruption caused by insufficient parameter validation during d...

Privilege escalation

The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor PSP privilege escalation...

CVE-2014-7252

Multiple unspecified vulnerabilities in the Syslink driver for Texas Instruments OMAP mobile processor, as used on NTT DOCOMO ARROWS Tab LTE F-01D, ARROWS X LTE F-05D, Disney Mobile on docomo F-08D, REGZA Phone T-01D, and PRADA phone by LG L-02D; and SoftBank SHARP handsets 102SH allow local user...