Lucene search
K

119 matches found

Prion
Prion
added 2022/09/16 10:15 p.m.21 views

Design/Logic Flaw

A Memory Allocation with Excessive Size Value vulnerablity in the TEERealloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEERealloc with an excessive number for the parameter len...

5CVSS7.5AI score0.00839EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/09/16 10:15 p.m.17 views

Buffer overflow

A Buffer Access with Incorrect Length Value vulnerablity in the TEECipherUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEECipherUpdate with an excessive size value of srcLen...

5CVSS7.5AI score0.00856EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/09/16 10:15 p.m.16 views

Null pointer dereference

A NULL pointer dereference issue in the TEEMACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEEMACCompareFinal with a NULL pointer for the parameter operation...

5CVSS7.5AI score0.00839EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/09/16 10:15 p.m.20 views

Buffer overflow

A Buffer Access with Incorrect Length Value vulnerablity in the TEEMACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEEMACComputeFinal with an excessive size value of messageLen...

5CVSS7.5AI score0.00839EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/09/16 10:15 p.m.17 views

Buffer overflow

A Buffer Access with Incorrect Length Value vulnerablity in the TEEMACUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEEMACUpdate with an excessive size value of chunkSize...

5CVSS7.5AI score0.01101EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2022/09/16 9:36 p.m.51 views

CVE-2022-40757

CVE-2022-40757 affects Samsung mTower prior to 0.3.0, where a buffer access in TEE_MACComputeFinal with an incorrect length (messageLen) can be triggered by a trusted application, causing a Denial of Service. The issue originates in the TEE_MACComputeFinal function and is documented across multip...

7.5CVSS7.4AI score0.00839EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/16 9:36 p.m.28 views

CVE-2022-40757

A Buffer Access with Incorrect Length Value vulnerablity in the TEEMACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEEMACComputeFinal with an excessive size value of messageLen...

7.6AI score0.00839EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/09/16 9:36 p.m.31 views

CVE-2022-40758

A Buffer Access with Incorrect Length Value vulnerablity in the TEECipherUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEECipherUpdate with an excessive size value of srcLen...

7.6AI score0.00856EPSS
Exploits0References2
CVE
CVE
added 2022/09/16 9:36 p.m.53 views

CVE-2022-40758

CVE-2022-40758 affects Samsung mTower up to version 0.3.0, where a Buffer Access with Incorrect Length Value in the TEE_CipherUpdate function can be triggered by a trusted application using an excessive srcLen, causing a Denial of Service. The issue is rooted in incorrect length handling in TEE_C...

7.5CVSS7.4AI score0.00856EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2022/09/16 9:36 p.m.56 views

CVE-2022-40759

CVE-2022-40759 affects Samsung mTower up to version 0.3.0. A NULL pointer dereference in TEE_MACCompareFinal when the operation parameter is NULL can cause a Denial of Service in trusted applications. The main description provides no exploit details. A PT-Security advisory (PT-2022-25519) notes a...

7.5CVSS7.4AI score0.00839EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/16 9:36 p.m.16 views

CVE-2022-40759

A NULL pointer dereference issue in the TEEMACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEEMACCompareFinal with a NULL pointer for the parameter operation...

7.6AI score0.00839EPSS
Exploits0References2
CVE
CVE
added 2022/09/16 9:36 p.m.67 views

CVE-2022-40760

CVE-2022-40760 affects Samsung mTower up to version 0.3.0, where a vulnerability in the TEE_MACUpdate function allows a trusted application to trigger a Denial of Service by passing an oversized chunkSize to TEE_MACUpdate. The root cause is a buffer access with an incorrect length value. Impact i...

7.5CVSS7.4AI score0.01101EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/09/16 9:36 p.m.27 views

CVE-2022-40760

A Buffer Access with Incorrect Length Value vulnerablity in the TEEMACUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEEMACUpdate with an excessive size value of chunkSize...

7.6AI score0.01101EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/09/16 9:35 p.m.32 views

CVE-2022-40761

The function teeobjfree in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEEAllocateOperation with a disturbed heap layout, related to uteecrypobjalloc...

7.6AI score0.012EPSS
Exploits0References3
CVE
CVE
added 2022/09/16 9:35 p.m.55 views

CVE-2022-40761

Samsung mTower

7.5CVSS7.4AI score0.012EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2022/09/16 9:35 p.m.60 views

CVE-2022-40762

Samsung mTower prior to version 0.3.0 is vulnerable to a Denial of Service due to a memory allocation issue in the TEE_Realloc function when an excessively large len is supplied. Root cause: over-valued memory allocation in TEE_Realloc. Affected component: Samsung mTower’s TEE_Realloc handling. I...

7.5CVSS7.4AI score0.00839EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2022/09/16 9:35 p.m.30 views

CVE-2022-40762

A Memory Allocation with Excessive Size Value vulnerablity in the TEERealloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service DoS by invoking the function TEERealloc with an excessive number for the parameter len...

7.6AI score0.00839EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/09/16 12:0 a.m.4 views

PT-2022-25518 · Samsung · Samsung Mtower

Name of the Vulnerable Software and Affected Versions: Samsung mTower versions 0.3.0 and earlier Description: A Buffer Access with Incorrect Length Value issue in the TEE CipherUpdate function allows a trusted application to trigger a Denial of Service DoS by invoking the function TEE CipherUpdat...

7.5CVSS7.4AI score0.00856EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.4 views

SAMSUNG mTower 安全漏洞

SAMSUNG mTower is a new Trusted Execution Environment TEE from Samsung South Korea. A security vulnerability exists in SAMSUNG mTower versions prior to 0.3.0, which stems from an over-valued memory allocation in its TEERealloc function that allows a trusted application to trigger a denial of...

7.5CVSS7.3AI score0.00839EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/09/16 12:0 a.m.6 views

SAMSUNG mTower 缓冲区错误漏洞

SAMSUNG mTower is a new Trusted Execution Environment TEE from Samsung South Korea. A security vulnerability exists in SAMSUNG mTower versions prior to 0.3.0, which stems from a vulnerable buffer access with an incorrect length value in its TEEMACUpdate function that allows a trusted application ...

7.5CVSS7.5AI score0.01101EPSS
Exploits0References4
Rows per page
Query Builder