Total
65 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-25408 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution. | |||||
CVE-2021-25407 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write. | |||||
CVE-2021-25396 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution. | |||||
CVE-2021-25371 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP. | |||||
CVE-2020-28343 | 2 Google, Samsung | 4 Android, Exynos 980, Exynos 9820 and 1 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. The NPU driver allows attackers to execute arbitrary code because of unintended write and read operations on memory. The Samsung ID is SVE-2020-18610 (November 2020). |