Samsung Exynos_9830
20 CVEs affecting Samsung Exynos_9830. Latest disclosed: 2022-04-11. Critical: 2, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-25053 | Critical | 9.8 | 2020-08-31 | An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. RKP allows arbitrary code execution. The Samsung ID is SVE-2020-… |
CVE-2020-25052 | Critical | 9.8 | 2020-08-31 | An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. H-Arx allows attackers to execute arbitrary code or cause a deni… |
CVE-2021-25408 | High | 7.8 | 2021-06-11 | A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution. |
CVE-2021-25407 | High | 7.8 | 2021-06-11 | A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write. |
CVE-2020-28343 | High | 7.8 | 2020-11-08 | An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. The NPU driver allows attackers to ex… |
CVE-2021-25500 | High | 7.2 | 2021-11-05 | A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise. |
CVE-2021-25396 | Medium | 6.7 | 2021-06-11 | An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution. |
CVE-2021-25416 | Medium | 6.5 | 2021-06-11 | Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outs… |
CVE-2021-25372 | Medium | 6.1 | 2021-03-26 | An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access. |
CVE-2021-25371 | Medium | 6.1 | 2021-03-26 | A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP. |
CVE-2021-25457 | Medium | 5.9 | 2021-09-09 | An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows local attackers to get a limited kernel memory information. |
CVE-2021-25452 | Medium | 5.5 | 2021-09-09 | An improper input validation vulnerability in loading graph file in DSP driver prior to SMR Sep-2021 Release 1 allows attackers to perform permanent denial of… |
CVE-2021-25415 | Medium | 5.5 | 2021-06-11 | Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable. |
CVE-2021-25467 | Medium | 5.3 | 2021-10-06 | Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege… |
CVE-2022-27833 | Medium | 4.4 | 2022-04-11 | Improper input validation in DSP driver prior to SMR Apr-2022 Release 1 allows out-of-bounds write by integer overflow. |
CVE-2021-25411 | Medium | 4.4 | 2021-06-11 | Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root privileged local attackers to write read-only kernel memory. |
CVE-2021-25339 | Medium | 4.4 | 2021-03-04 | Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 me… |
CVE-2021-25338 | Medium | 4.4 | 2021-03-04 | Improper memory access control in RKP in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to write certai… |
CVE-2021-25475 | Low | 3.9 | 2021-10-06 | A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. |
CVE-2022-27834 | Low | 2.9 | 2022-04-11 | Use after free vulnerability in dsp_context_unload_graph function of DSP driver prior to SMR Apr-2022 Release 1 allows attackers to perform malicious actions. |