PT-2024-21872 · Samsung · Exynos
Jiayy
·
Published
2024-07-09
·
Updated
2024-08-01
·
CVE-2024-27385
CVSS v3.1
6.7
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Samsung Mobile Processor Exynos versions 1380 through 1480
Description
A vulnerability was discovered in the
slsi handle nan rx event log ind function related to no input validation check on tag len for rx coming from userspace, which can lead to heap overwrite.Recommendations
For Samsung Mobile Processor Exynos versions 1380 through 1480, consider disabling the
slsi handle nan rx event log ind function until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Exynos