CVE-2023-37377

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2023-37377
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor (Exynos 980, Exynos 850, Exynos 2100, and Exynos W920). Improper handling of length parameter inconsistency can cause incorrect packet filtering.

2.0 /10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 0.6 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References
Link Resource
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:samsung:exynos_980_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_980:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:samsung:exynos_850_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_850:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:samsung:exynos_2100_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:samsung:exynos_w920_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_w920:-:*:*:*:*:*:*:*
History

No history.

Information

Published : 2023-09-08 03:15

Updated : 2024-11-21 08:11

NVD link : CVE-2023-37377

Mitre link : CVE-2023-37377

CVE.ORG link : CVE-2023-37377

JSON object : View

Products Affected

samsung

  • exynos_w920
  • exynos_980_firmware
  • exynos_2100
  • exynos_850
  • exynos_w920_firmware
  • exynos_2100_firmware
  • exynos_850_firmware
  • exynos_980
CWE
CWE-125

Out-of-bounds Read