NULL Pointer Dereference in Samsung Mobile and Wearable Processors
CVE-2024-28068

5.3MEDIUM

Key Information:

Vendor

Samsung
Status
Exynos Mobile Processor and Wearable Processor
Vendor
CVE Published:
9 July 2024

What is CVE-2024-28068?

A vulnerability has been identified in Samsung's Exynos mobile and wearable processors that allows for a NULL pointer dereference. This flaw could potentially enable an attacker to send a specially crafted packet that may result in the abnormal termination of the device, impacting user experience and device functionality. It's crucial for users of the affected Exynos processor models to remain informed about this issue and apply any recommended updates from Samsung.

References

https://semiconductor.samsung.com/support/quality-support...
https://semiconductor.samsung.com/support/quality-support...

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

JSON
.