CVE-2024-27383

Published Sep 9, 2024

Last updated 2 months ago

CVSS high 7.8

Overview

Description: An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_get_scan_extra_ies(), there is no input validation check on default_ies coming from userspace, which can lead to a heap overwrite.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-787

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5F18F62E-2012-442E-BE60-6E76325D1824"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0D8701B6-6989-44D1-873A-A1823BFD7CCC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:exynos_850_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1928760C-4FC4-45B0-84FF-C1105CD1DD2A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:exynos_850:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BB410A6D-642B-49AE-8B1C-EADA953A84DA"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:exynos_1080_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "43DE4D6F-D662-46F2-93BC-9AE950320BDE"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:exynos_1080:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EE06CD56-8BFD-4208-843A-179E3E6F5C10"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:exynos_1280_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD1A7B09-9031-4E54-A24F-3237C054166B"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:exynos_1280:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DFC68046-2F08-40D1-B158-89D8D9263541"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:exynos_1330_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2635646-DD6A-4735-8E01-F45445584832"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:exynos_1330:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AA0F8A58-71B7-4503-A03A-6FB4282D75BD"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:exynos_1380_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D381478B-C638-4663-BD71-144BE4B02E46"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:exynos_1380:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "61E72146-72FE-4B54-AB79-3C665E7F016C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:exynos_1480_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "64897B0D-EBF6-4BEB-BF54-ABCDBFAB45E0"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:exynos_1480:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F3F328B4-0442-4748-B5EE-DD1CEE50D6CF"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:exynos_w920_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6ADED27-EDAF-4FB3-8CB2-AE5F59B93641"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:exynos_w920:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "4BF79654-E5C6-4DFF-B33A-A78571CD300C"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:samsung:exynos_w930_firmware:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "801E188F-C71B-4933-9099-151A4A1B1BC5"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:samsung:exynos_w930:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "8D8FC82D-57C5-4F00-BDF4-4261A32C4246"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References