Out-of-Bounds Read Vulnerability in Samsung HDCP2 Device Node
CVE-2022-25819
5.3MEDIUM
Key Information:
- Vendor
- Samsung
- Vendor
- CVE Published:
- 10 March 2022
Summary
An out-of-bounds read vulnerability exists in the HDCP2 device node prior to the SMR Mar-2022 Release 1. This flaw permits attackers to potentially access sensitive kernel stack memory, which could be exploited to gain unauthorized access to critical information processed by the kernel. It highlights the critical need for users and administrators to upgrade their systems to secure versions to mitigate this risk.
Affected Version(s)
Samsung Mobile Devices with Exynos chipsets Selected Q(10), R(11), S(12) Exynos devices
References
CVSS V3.1
Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved