Out-of-Bounds Read Vulnerability in Samsung HDCP2 Device Node
CVE-2022-25819

5.3MEDIUM

Key Information:

Vendor
Samsung
Vendor
CVE Published:
10 March 2022

Summary

An out-of-bounds read vulnerability exists in the HDCP2 device node prior to the SMR Mar-2022 Release 1. This flaw permits attackers to potentially access sensitive kernel stack memory, which could be exploited to gain unauthorized access to critical information processed by the kernel. It highlights the critical need for users and administrators to upgrade their systems to secure versions to mitigate this risk.

Affected Version(s)

Samsung Mobile Devices with Exynos chipsets Selected Q(10), R(11), S(12) Exynos devices

References

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.