Use-After-Free Vulnerability in Samsung Mobile and Wearable Processors
CVE-2024-32502

8.4HIGH

Key Information:

Vendor: Samsung
Status: Exynos 1080 Firmware
Vendor: CVE Published:; 7 June 2024

What is CVE-2024-32502?

A vulnerability has been identified in Samsung's Exynos mobile and wearable processors, specifically affecting versions Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, and Exynos W930. This vulnerability arises from a lack of proper reference count checking, leading to a Use-After-Free condition. Such a vulnerability can allow potential attackers to exploit freed memory, leading to unforeseen behaviors, data corruption, or other security breaches in devices utilizing these processors. Users of affected devices are encouraged to stay informed about necessary updates and mitigations from the vendor to ensure their systems remain secure.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://semiconductor.samsung.com/support/quality-support...

CVSS V3.1

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 7, 2024
Vulnerability Reserved
Apr 15, 2024

JSON

Samsung

What is CVE-2024-32502?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.