Kai Tu

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 980 through 9825, versions 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400 Description: An issue was discovered in the NAS component of Samsung processors, which affects various models including Mobile Processor, Wearable Processor, and Modem Exynos. The issue is caused by a lack of length check, leading to out-of-bounds writes. Recommendations: For all affected versions, consider applying a patch or fix that implements a proper length check to prevent out-of-bounds writes. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 980 through 9825 Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 990 Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 850 Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 1080 Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 2100 Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 1280 Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 2200 Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 1330 Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 1380 Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 1480 Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 2400 Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 9110 Samsung Mobile Processor, Wearable Processor, and Modem Exynos W920 Samsung Mobile Processor, Wearable Processor, and Modem Exynos W930 Samsung Mobile Processor, Wearable Processor, and Modem Exynos W1000 Samsung Mobile Processor, Wearable Processor, and Modem Modem 5123 Samsung Mobile Processor, Wearable Processor, and Modem Modem 5300 Samsung Mobile Processor, Wearable Processor, and Modem Modem 5400 Description: An issue was discovered in the NAS component of Samsung Mobile Processor, Wearable Processor, and Modem Exynos. The lack of a length check leads to out-of-bounds writes. Recommendations: For Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 980 through 9825, consider disabling the NAS component until a patch is available. For Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 990, restrict access to the NAS component to minimize the risk of exploitation. For Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400, avoid using the NAS component in sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400 Description: The issue is related to the lack of a length check, which leads to out-of-bounds reads via malformed NAS packets. Recommendations: For Samsung Mobile Processor, Wearable Processor, and Modem Exynos versions 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400, consider implementing a length check to prevent out-of-bounds reads. As a temporary workaround, consider restricting the processing of NAS packets to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.