Vulnerabilities (CVE)

Filtered by vendor Samsung Subscribe
Filtered by product Exynos 850
Total 39 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-27376 1 Samsung 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more 2024-06-27 N/A 7.8 HIGH
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_subscribe_get_nl_params(), there is no input validation check on hal_req->rx_match_filter_len coming from userspace, which can lead to a heap overwrite.
CVE-2024-27379 1 Samsung 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more 2024-06-27 N/A 7.8 HIGH
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_subscribe_get_nl_params(), there is no input validation check on hal_req->num_intf_addr_present coming from userspace, which can lead to a heap overwrite.
CVE-2024-27378 1 Samsung 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more 2024-06-27 N/A 7.1 HIGH
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame_cert(), there is no input validation check on len coming from userspace, which can lead to a heap over-read.
CVE-2024-27377 1 Samsung 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more 2024-06-27 N/A 7.8 HIGH
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_get_security_info_nl(), there is no input validation check on sec_info->key_info.body.pmk_info.pmk_len coming from userspace, which can lead to a heap overwrite.
CVE-2024-27382 1 Samsung 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more 2024-06-27 N/A 7.1 HIGH
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame(), there is no input validation check on len coming from userspace, which can lead to a heap over-read.
CVE-2024-27381 1 Samsung 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more 2024-06-27 N/A 6.0 MEDIUM
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame_ut(), there is no input validation check on len coming from userspace, which can lead to a heap over-read.
CVE-2024-27380 1 Samsung 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more 2024-06-27 N/A 6.0 MEDIUM
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_set_delayed_wakeup_type(), there is no input validation check on a length of ioctl_args->args[i] coming from userspace, which can lead to a heap over-read.
CVE-2023-50803 1 Samsung 26 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 23 more 2024-06-25 N/A 5.3 MEDIUM
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check replay protection specified by the NAS (Non-Access-Stratum) module. This can lead to denial of service.
CVE-2023-43122 1 Samsung 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more 2024-02-28 N/A 4.6 MEDIUM
Samsung Mobile Processor and Wearable Processor (Exynos 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, and W920) allow Information Disclosure in the Bootloader.
CVE-2023-41111 1 Samsung 32 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 29 more 2024-02-28 N/A 7.5 HIGH
An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). Improper handling of a length parameter inconsistency can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module.
CVE-2023-41112 1 Samsung 32 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 29 more 2024-02-28 N/A 7.5 HIGH
An issue was discovered in Samsung Mobile Processor, Wearable Processor, Automotive Processor, and Modem (Exynos 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, W920, Modem 5123, Modem 5300, and Auto T5123). A buffer copy, without checking the size of the input, can cause abnormal termination of a mobile phone. This occurs in the RLC task and RLC module.
CVE-2023-37368 1 Samsung 32 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 29 more 2024-02-28 N/A 7.5 HIGH
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet.
CVE-2023-37367 1 Samsung 24 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 21 more 2024-02-28 N/A 5.3 MEDIUM
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. In the NAS Task, an improperly implemented security check for standard can disallow desired services for a while via consecutive NAS messages.
CVE-2023-36481 1 Samsung 26 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 23 more 2024-02-28 N/A 7.5 HIGH
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor 9810, 9610, 9820, 980, 850, 1080, 2100, 2200, 1280, 1380, 1330, 9110, and W920. Improper handling of PPP length parameter inconsistency can cause an infinite loop.
CVE-2023-37377 1 Samsung 8 Exynos 2100, Exynos 2100 Firmware, Exynos 850 and 5 more 2024-02-28 N/A 7.5 HIGH
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor (Exynos 980, Exynos 850, Exynos 2100, and Exynos W920). Improper handling of length parameter inconsistency can cause incorrect packet filtering.
CVE-2023-26075 1 Samsung 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more 2024-02-28 N/A 9.8 CRITICAL
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Service Area List.
CVE-2023-26073 1 Samsung 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more 2024-02-28 N/A 9.8 CRITICAL
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the extended emergency number list.
CVE-2023-26074 1 Samsung 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more 2024-02-28 N/A 9.8 CRITICAL
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123.. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding operator-defined access category definitions.
CVE-2023-26072 1 Samsung 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more 2024-02-28 N/A 9.8 CRITICAL
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Emergency number list.