ГлавнаяУязвимости → CVE-2024-39890
8.1высокая

CVE-2024-39890

Описание

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The baseband software does not properly check the length specified by the CC (Call Control). This can lead to an Out-of-Bounds write.

Затрагиваемое ПО
Samsung Exynos modem 5123 firmwareSamsung Exynos modem 5123Samsung Exynos modem 5300 firmwareSamsung Exynos modem 5300Samsung Exynos 9820 firmwareSamsung Exynos 9820Samsung Exynos 9825 firmwareSamsung Exynos 9825Samsung Exynos 980 firmwareSamsung Exynos 980Samsung Exynos 990 firmwareSamsung Exynos 990Samsung Exynos 850 firmwareSamsung Exynos 850Samsung Exynos 1080 firmwareSamsung Exynos 1080Samsung Exynos 2100 firmwareSamsung Exynos 2100Samsung Exynos 1280 firmwareSamsung Exynos 1280Samsung Exynos 2200 firmwareSamsung Exynos 2200Samsung Exynos 1330 firmwareSamsung Exynos 1330Samsung Exynos 1380 firmware
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://semiconductor.samsung.com/support/quality-support/product-security-updates/