119 matches found
PT-2022-25523 · Samsung · Mtower
Name of the Vulnerable Software and Affected Versions: Samsung mTower versions 0.3.0 and earlier Description: A Memory Allocation with Excessive Size Value issue in the TEE Realloc function allows a trusted application to trigger a Denial of Service DoS by invoking the function TEE Realloc with a...
PT-2022-25519 · Samsung · Samsung Mtower
Name of the Vulnerable Software and Affected Versions: Samsung mTower versions 0.3.0 and earlier Description: A NULL pointer dereference issue in the TEE MACCompareFinal function allows a trusted application to trigger a Denial of Service DoS by invoking the TEE MACCompareFinal function with a NU...
SAMSUNG mTower 缓冲区错误漏洞
SAMSUNG mTower is a new Trusted Execution Environment TEE from Samsung South Korea. A security vulnerability exists in SAMSUNG mTower versions prior to 0.3.0, which stems from a vulnerable buffer access with an incorrect length value in its TEEMACUpdate function that allows a trusted application ...
SAMSUNG mTower 缓冲区错误漏洞
SAMSUNG mTower is a new Trusted Execution Environment TEE from Samsung South Korea. A security vulnerability exists in SAMSUNG mTower versions prior to 0.3.0, which stems from a buffer access in its TEEMACComputeFinal function with an incorrect length value vulnerability that allows a trusted...
SAMSUNG mTower 代码问题漏洞
SAMSUNG mTower is a new Trusted Execution Environment TEE from Samsung South Korea. A security vulnerability exists in SAMSUNG mTower versions prior to 0.3.0, which stems from a vulnerable null pointer dereference in its TEEMACCompareFinal function that allows a trusted application to trigger a...
SAMSUNG mTower 输入验证错误漏洞
SAMSUNG mTower is a new Trusted Execution Environment TEE from Samsung South Korea. A security vulnerability in SAMSUNG mTower versions prior to 0.3.0, which stems from an incorrect input validation vulnerability in its teeobjfree function, allows a trusted application to trigger a denial of...
CVE-2022-39829
There is a NULL pointer dereference in aes256encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVPCIPHERCTXnew...
CVE-2022-39828
signpFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of ECKEYsetprivatekey, leading to a denial of service...
CVE-2022-39830
signpFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of ECKEYsetpublickeyaffinecoordinates, leading to a denial of service...
CVE-2022-39829
There is a NULL pointer dereference in aes256encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVPCIPHERCTXnew...
CVE-2022-39830
signpFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of ECKEYsetpublickeyaffinecoordinates, leading to a denial of service...
CVE-2022-39828
signpFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of ECKEYsetprivatekey, leading to a denial of service...
CVE-2022-39830
signpFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of ECKEYsetpublickeyaffinecoordinates, leading to a denial of service...
CVE-2022-39829
There is a NULL pointer dereference in aes256encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVPCIPHERCTXnew...
Denial of service
signpFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of ECKEYsetprivatekey, leading to a denial of service...
Null pointer dereference
There is a NULL pointer dereference in aes256encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVPCIPHERCTXnew...
Denial of service
signpFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of ECKEYsetpublickeyaffinecoordinates, leading to a denial of service...
CVE-2022-39828
signpFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of ECKEYsetprivatekey, leading to a denial of service...
CVE-2022-39828
CVE-2022-39828 affects Samsung mTower 0.3.0 and earlier. The root cause is a missing check on the return value of EC_KEY_set_private_key in the sign_pFwInfo function, which can lead to a denial-of-service. Impact is an availability disruption; exploitation details are not provided in the document...
CVE-2022-39829
Samsung mTower 0.3.0 and earlier has a NULL pointer dereference in aes256_encrypt caused by a missing check of EVP_CIPHER_CTX_new. CVE-2022-39829 affects the module in the Trusted Execution Environment and is rated HIGH (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). Connected sources confirm th...