Samsung: >> Exynos 980 Security Vulnerabilities
An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows local attackers to get a limited kernel memory information.
CVSS Score
5.9
EPSS Score
0.0
Published
2021-09-09
An improper input validation vulnerability in loading graph file in DSP driver prior to SMR Sep-2021 Release 1 allows attackers to perform permanent denial of service on the device.
CVSS Score
5.5
EPSS Score
0.0
Published
2021-09-09
An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution.
CVSS Score
6.7
EPSS Score
0.0
Published
2021-06-11
A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-06-11
A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-06-11
CVE-2021-25371
A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP.
Known exploited
CVSS Score
6.1
EPSS Score
0.019
Published
2021-03-26
CVE-2021-25372
An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access.
Known exploited
CVSS Score
6.1
EPSS Score
0.014
Published
2021-03-26
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. The NPU driver allows attackers to execute arbitrary code because of unintended write and read operations on memory. The Samsung ID is SVE-2020-18610 (November 2020).
CVSS Score
7.8
EPSS Score
0.001
Published
2020-11-08
Page 7