| Title | 複数のサムスン製品における境界外読み取りに関する脆弱性 |
|---|---|
| Summary | exynos 980 ファームウェア、exynos 850 ファームウェア、exynos 1080 ファームウェア等複数のサムスン製品には、境界外読み取りに関する脆弱性が存在します。 |
| Possible impacts | 情報を取得される可能性があります。 |
| Solution | ベンダアドバイザリまたはパッチ情報が公開されています。参考情報を参照して適切な対策を実施してください。 |
| Publication Date | Sept. 9, 2024, midnight |
| Registration Date | Sept. 12, 2024, 2:45 p.m. |
| Last Update | Sept. 12, 2024, 2:45 p.m. |
| CVSS3.0 : 警告 | |
| Score | 5.5 |
|---|---|
| Vector | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| サムスン |
| exynos 1080 ファームウェア |
| exynos 1280 ファームウェア |
| exynos 1330 ファームウェア |
| exynos 1380 ファームウェア |
| exynos 1480 ファームウェア |
| exynos 850 ファームウェア |
| exynos 980 ファームウェア |
| exynos w920 ファームウェア |
| exynos w930 ファームウェア |
| No | Changed Details | Date of change |
|---|---|---|
| 1 | [2024年09月12日] 掲載 |
Sept. 12, 2024, 2:45 p.m. |
| Summary | An issue was discovered in Samsung Mobile Processor Exynos Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_scan_ind(), there is no input validation check on a length coming from userspace, which can lead to integer overflow and a potential heap over-read. |
|---|---|
| Publication Date | Sept. 10, 2024, 5:15 a.m. |
| Registration Date | Sept. 10, 2024, noon |
| Last Update | Sept. 12, 2024, 12:26 a.m. |
| Configuration1 | or higher | or less | more than | less than | |
| cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:* | ||||
| Configuration2 | or higher | or less | more than | less than | |
| cpe:2.3:o:samsung:exynos_850_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:samsung:exynos_850:-:*:*:*:*:*:*:* | ||||
| Configuration3 | or higher | or less | more than | less than | |
| cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:* | ||||
| Configuration4 | or higher | or less | more than | less than | |
| cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:* | ||||
| Configuration5 | or higher | or less | more than | less than | |
| cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:* | ||||
| Configuration6 | or higher | or less | more than | less than | |
| cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:* | ||||
| Configuration7 | or higher | or less | more than | less than | |
| cpe:2.3:o:samsung:exynos_1480_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:samsung:exynos_1480:-:*:*:*:*:*:*:* | ||||
| Configuration8 | or higher | or less | more than | less than | |
| cpe:2.3:o:samsung:exynos_w920_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:samsung:exynos_w920:-:*:*:*:*:*:*:* | ||||
| Configuration9 | or higher | or less | more than | less than | |
| cpe:2.3:o:samsung:exynos_w930_firmware:-:*:*:*:*:*:*:* | |||||
| execution environment | |||||
| 1 | cpe:2.3:h:samsung:exynos_w930:-:*:*:*:*:*:*:* | ||||