Heap Overwrite Vulnerability in Samsung Exynos Mobile Processors
CVE-2024-27376
7.8HIGH
What is CVE-2024-27376?
A vulnerability exists in Samsung's Exynos mobile processors, identified in the function slsi_nan_subscribe_get_nl_params(). This issue arises from insufficient input validation for the parameter hal_req->rx_match_filter_len, which is received from userspace. The absence of necessary validation can allow attackers to exploit this weakness, potentially leading to a heap overwrite, which may compromise system integrity and could lead to unauthorized access or unexpected behavior within the affected devices.