CVE-2023-40218

Published Sep 12, 2023

Last updated a year ago

CVSS low 3.3

Overview

Description: An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980, 2100, 2200, 1280, and 1380. An integer overflow can bypass detection of error cases via a crafted application.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 3.3
Impact score: 1.4
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Severity: LOW

Weaknesses

nvd@nist.gov: CWE-190

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:exynos_9820:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "1B8C35DE-1C58-4C6E-BB15-0E3C2FECB8DA"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:exynos_9820_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E582F31-BCC1-4276-BC34-A38EDCC4BB01"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0D8701B6-6989-44D1-873A-A1823BFD7CCC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F18F62E-2012-442E-BE60-6E76325D1824"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "9385885D-654A-496E-8029-7C6D9B077193"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "89B88BFE-3C82-498C-8EC1-5784836DB1A1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:exynos_2200:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A72ADEBB-ED72-4A5B-BB27-95EDE43F8116"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:exynos_2200_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "63C0D9AC-BD23-48C9-83E7-301DEC06E583"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DFC68046-2F08-40D1-B158-89D8D9263541"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD1A7B09-9031-4E54-A24F-3237C054166B"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "61E72146-72FE-4B54-AB79-3C665E7F016C"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D381478B-C638-4663-BD71-144BE4B02E46"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References