19 matches found
CVE-2025-36923
CVE-2025-36923 affects the NrmmDecoder::DecodeSORTransparentContext function in cn_NrmmDecoder.cpp, where a heap buffer overflow can cause an out-of-bounds write. This could enable remote (proximal/adjacent) escalation of privilege with no user interaction required. Exploitation details, affected...
CVE-2025-53965
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to decode the SOR transparent container lacks bounds checking...
CVE-2025-53965
The CVE-2025-53965 entry concerns a lack of bounds checking in the function that decodes the SOR transparent container, affecting Samsung Mobile Processor, Wearable Processor, and Modem Exynos lines (models including 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930,...
CVE-2025-53965
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to decode the SOR transparent container lacks bounds checking...
CVE-2025-53965
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. The function used to decode the SOR transparent container lacks bounds checking...
EUVD-2025-199295
Malicious code in @sameepsi/sor npm...
MAL-2025-191309 Malicious code in @sameepsi/sor (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c938c06786ba13f7feed4114c84d12806a6c7ce595360985be178a8ae4844257 The package @sameepsi/sor was found to contain malicious code. Source: ghsa-malware d04547ce27d4c15e2f969770ddc25732ef8f72d46eb21e8dc06f11fc1dc8eea9...
Malicious code in balancer-labs-sor-v1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 913cc298291011f049211a4379e100f5ca724f09b512b5fdfcc84fd0f1df3caa The package balancer-labs-sor-v1 was found to contain malicious code. Source: ossf-package-analysis...
MAL-2025-49311 Malicious code in balancer-labs-sor-v1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 913cc298291011f049211a4379e100f5ca724f09b512b5fdfcc84fd0f1df3caa The package balancer-labs-sor-v1 was found to contain malicious code. Source: ossf-package-analysis...
CVE-2025-27034
Memory corruption while selecting the PLMN from SOR failed list...
CVE-2025-27034 Improper Validation of Array Index in Multi-Mode Call Processor
Memory corruption while selecting the PLMN from SOR failed list...
CVE-2024-23350
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network...
CVE-2024-23350 Reachable Assertion in Multi Mode Call Processor
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network...
CVE-2024-23350 Reachable Assertion in Multi Mode Call Processor
Permanent DOS when DL NAS transport receives multiple payloads such that one payload contains SOR container whose integrity check has failed, and the other is LPP where UE needs to send status message to network...
CVE-2024-23350
CVE-2024-23350 relates to a permanent Denial of Service in Qualcomm Snapdragon software, triggered when the DL NAS transport processes multiple payloads: one payload with a SOR container failing its integrity check and another LPP where the UE must send a status message. Root cause cited as an un...
GSD-2021-1001049 drm/tegra: sor: Do not leak runtime PM reference
drm/tegra: sor: Do not leak runtime PM reference This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.12 by commit...
UVI-2021-1001049 drm/tegra: sor: Do not leak runtime PM reference
drm/tegra: sor: Do not leak runtime PM reference This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.12 by commit...
GSD-2021-1000970 drm/tegra: sor: Do not leak runtime PM reference
drm/tegra: sor: Do not leak runtime PM reference This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.45 by commit...
UVI-2021-1000910 drm/tegra: sor: Do not leak runtime PM reference
drm/tegra: sor: Do not leak runtime PM reference This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.127 by commit...