Jiayy

**Name of the Vulnerable Software and Affected Versions** Samsung Mobile Processor Exynos Wearable Processor versions Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930 **Description** An issue was discovered in the function `slsi rx scan ind()`, where there is no input validation check on a length coming from userspace, which can lead to integer overflow and a potential heap over-read. **Recommendations** For Samsung Mobile Processor Exynos Wearable Processor versions Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930, consider disabling the `slsi rx scan ind()` function until a patch is available to prevent potential heap over-read. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Samsung Mobile Processor Exynos versions Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930 **Description** An issue was discovered in the function `slsi rx blockack ind()`, where there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read. **Recommendations** For Samsung Mobile Processor Exynos versions Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930, consider disabling the `slsi rx blockack ind()` function until a patch is available to prevent potential heap over-read. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Samsung Mobile Processor, Wearable Processor Exynos versions Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930 **Description** An issue was discovered in the function `slsi rx scan done ind()`, where there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read. **Recommendations** For Samsung Mobile Processor, Wearable Processor Exynos versions Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930, consider disabling the `slsi rx scan done ind()` function until a patch is available. Restrict access to the affected function to minimize the risk of exploitation. Avoid using lengths coming from userspace in the affected function until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Exynos 980 Exynos 850 Exynos 1080 Exynos 1280 Exynos 1380 Exynos 1330 Exynos 1480 Exynos W920 Exynos W930 **Description** An issue was discovered in the function `slsi rx roamed ind()`, where there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read. **Recommendations** For Exynos 980, update to a version that includes input validation checks for the `slsi rx roamed ind()` function. For Exynos 850, update to a version that includes input validation checks for the `slsi rx roamed ind()` function. For Exynos 1080, update to a version that includes input validation checks for the `slsi rx roamed ind()` function. For Exynos 1280, update to a version that includes input validation checks for the `slsi rx roamed ind()` function. For Exynos 1380, update to a version that includes input validation checks for the `slsi rx roamed ind()` function. For Exynos 1330, update to a version that includes input validation checks for the `slsi rx roamed ind()` function. For Exynos 1480, update to a version that includes input validation checks for the `slsi rx roamed ind()` function. For Exynos W920, update to a version that includes input validation checks for the `slsi rx roamed ind()` function. For Exynos W930, update to a version that includes input validation checks for the `slsi rx roamed ind()` function. As a temporary workaround, consider disabling the `slsi rx roamed ind()` function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Samsung Mobile Processor Exynos versions 980, 850, 1280, 1380, and 1330 **Description** An issue was discovered in the function `slsi rx range done ind()`, where there is no input validation check on `rtt id` coming from userspace, which can lead to a heap overwrite. **Recommendations** For Samsung Mobile Processor Exynos versions 980, 850, 1280, 1380, and 1330, consider disabling the `slsi rx range done ind()` function until a patch is available to prevent potential heap overwrite exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Samsung Mobile Processor Exynos versions 1380 through 1480 **Description** A vulnerability was discovered in the `slsi handle nan rx event log ind` function related to no input validation check on `tag len` for tx coming from userspace, which can lead to heap overwrite. **Recommendations** For Samsung Mobile Processor Exynos versions 1380 through 1480, consider disabling the `slsi handle nan rx event log ind` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Samsung Mobile Processor Exynos versions 1380 through 1480 **Description** A vulnerability was discovered in the `slsi handle nan rx event log ind` function related to no input validation check on `tag len` for rx coming from userspace, which can lead to heap overwrite. **Recommendations** For Samsung Mobile Processor Exynos versions 1380 through 1480, consider disabling the `slsi handle nan rx event log ind` function until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.