5.1
CVE-2024-27361
- EPSS 0.07%
- Published 09.07.2024 20:15:10
- Last modified 26.06.2025 20:54:46
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
A vulnerability was discovered in Samsung Mobile Processor Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, and Exynos 2400 that involves a time-of-check to time-of-use (TOCTOU) race condition, which can lead to a Denial of Service.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Data is provided by the National Vulnerability Database (NVD)
Samsung ≫ Exynos 980 Firmware Version-
Samsung ≫ Exynos 990 Firmware Version-
Samsung ≫ Exynos 1080 Firmware Version-
Samsung ≫ Exynos 2100 Firmware Version-
Samsung ≫ Exynos 2200 Firmware Version-
Samsung ≫ Exynos 1280 Firmware Version-
Samsung ≫ Exynos 1380 Firmware Version-
Samsung ≫ Exynos 2400 Firmware Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.229 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 4.1 | 0.5 | 3.6 |
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
|
| cve@mitre.org | 5.1 | 0.8 | 4.2 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
|
CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.