PT-2024-24619 · Samsung · Exynos W920+7

Published: 2024-06-07 · Updated: 2025-07-01 · CVE-2024-32502

CVSS v3.1: 8.4 (High)

Vector: AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Samsung Mobile Processor and Wearable Processor Exynos versions 850 through 2100
Samsung Mobile Processor and Wearable Processor Exynos versions 1080
Samsung Mobile Processor and Wearable Processor Exynos versions 1280
Samsung Mobile Processor and Wearable Processor Exynos versions 1380
Samsung Mobile Processor and Wearable Processor Exynos versions 1330
Samsung Mobile Processor and Wearable Processor Exynos W920
Samsung Mobile Processor and Wearable Processor Exynos W930

Description

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos, where the mobile processor lacks proper reference count checking, which can result in a UAF (Use-After-Free) vulnerability. This vulnerability poses a high-severity risk.

Recommendations

For Exynos 850, update to a version that includes proper reference count checking to mitigate the UAF vulnerability.
For Exynos 1080, apply a patch that addresses the lack of reference count checking.
For Exynos 2100, update the firmware to include the necessary security fixes.
For Exynos 1280, restrict access to vulnerable components until a patch is available.
For Exynos 1380, consider disabling vulnerable functions until an update is released.
For Exynos 1330, apply configuration changes to minimize the risk of exploitation.
For Exynos W920, update to a newer version that includes the security patch.
For Exynos W930, restrict the use of vulnerable modules to prevent potential attacks.

Fix

Weakness Enumeration: Use After Free

Related Identifiers: CVE-2024-32502

Affected Products

Exynos 1080
Exynos 1280
Exynos 1330
Exynos 1380
Exynos 2100
Exynos 850
Exynos W920
Exynos W930