Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-32503

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper memory deallocation checking, which can result in a UAF (Use-After-Free) vulnerability.

Published

2024-06-07T16:15:10.507

Last Modified

2024-11-21T09:15:02.893

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.4 (HIGH)

Weaknesses

Type: Primary
CWE-416
Type: Secondary
CWE-762

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	samsung	exynos_850_firmware	-	Yes
Hardware	samsung	exynos_850	-	No
Operating System	samsung	exynos_1080_firmware	-	Yes
Hardware	samsung	exynos_1080	-	No
Operating System	samsung	exynos_2100_firmware	-	Yes
Hardware	samsung	exynos_2100	-	No
Operating System	samsung	exynos_1280_firmware	-	Yes
Hardware	samsung	exynos_1280	-	No
Operating System	samsung	exynos_1380_firmware	-	Yes
Hardware	samsung	exynos_1380	-	No
Operating System	samsung	exynos_1330_firmware	-	Yes
Hardware	samsung	exynos_1330	-	No
Operating System	samsung	exynos_w920_firmware	-	Yes
Hardware	samsung	exynos_w920	-	No
Operating System	samsung	exynos_w930_firmware	-	Yes
Hardware	samsung	exynos_w930	-	No

References

https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory ([email protected])
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)