Heap Overflow Vulnerability in Samsung Mobile Processors
CVE-2024-27375
6.7MEDIUM
What is CVE-2024-27375?
A vulnerability has emerged in several models of Samsung's Exynos mobile processors, specifically in the slsi_nan_followup_get_nl_params() function. This vulnerability arises from inadequate input validation on the hal_req->sdea_service_specific_info_len parameter, which originates from userspace. As a result, this oversight can lead to a heap overwrite condition, potentially compromising the security of devices powered by these processors. Users are advised to be aware of this vulnerability and implement any available security updates to protect their devices.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
6.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published