PT-2024-7506 · Samsung · Samsung Exynos

Xingyu Jin · Published 2024-10-07 · Updated 2025-10-29 · CVE-2024-44068

CVSS v3.1: 8.1 High

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Samsung Exynos versions 9820 through 9825
Samsung Exynos versions 980 through 990
Samsung Exynos version 850
Samsung Exynos version W920

Description

The issue is related to a use-after-free vulnerability in the m2m scaler driver of Samsung Mobile Processor and Wearable Processor Exynos models. This vulnerability leads to privilege escalation. The vulnerability is being exploited in the wild, allowing attackers to execute arbitrary code and escalate privileges on affected devices. The estimated number of potentially affected devices is not specified.

Recommendations

For Samsung Exynos versions 9820 through 9825, update to the latest security patch SMR-Oct-2024 to fix the vulnerability.
For Samsung Exynos versions 980 through 990, update to the latest security patch SMR-Oct-2024 to fix the vulnerability.
For Samsung Exynos version 850, update to the latest security patch SMR-Oct-2024 to fix the vulnerability.
For Samsung Exynos version W920, update to the latest security patch SMR-Oct-2024 to fix the vulnerability.

As a temporary workaround, consider restricting access to the vulnerable m2m scaler driver until a patch is available.

Fix

LPE

RCE

Resource Exhaustion

Use After Free

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

BDU:2024-08894
BDU:2025-13730
CVE-2024-44068

Affected Products

Samsung Exynos