Samsung

Mtower

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2022-40757

  • EPSS 0.38%
  • Veröffentlicht 16.09.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 07:21:59

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excess...

7.5

CVE-2022-40758

  • EPSS 0.38%
  • Veröffentlicht 16.09.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 07:22:00

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_CipherUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_CipherUpdate with an excessive si...

7.5

CVE-2022-40759

  • EPSS 0.38%
  • Veröffentlicht 16.09.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 07:22:00

A NULL pointer dereference issue in the TEE_MACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACCompareFinal with a NULL pointer for the parameter ...

7.5

CVE-2022-40760

  • EPSS 0.46%
  • Veröffentlicht 16.09.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 07:22:00

A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACUpdate with an excessive size val...

7.5

CVE-2022-40761

  • EPSS 0.77%
  • Veröffentlicht 16.09.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 07:22:00

The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc.

7.5

CVE-2022-40762

  • EPSS 0.38%
  • Veröffentlicht 16.09.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 07:22:00

A Memory Allocation with Excessive Size Value vulnerablity in the TEE_Realloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_Realloc with an excessive number for...

7.5

CVE-2022-39828

Exploit
  • EPSS 0.42%
  • Veröffentlicht 05.09.2022 04:15:08
  • Zuletzt bearbeitet 21.11.2024 07:18:20

sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_private_key, leading to a denial of service.

7.5

CVE-2022-39829

Exploit
  • EPSS 0.42%
  • Veröffentlicht 05.09.2022 04:15:08
  • Zuletzt bearbeitet 21.11.2024 07:18:20

There is a NULL pointer dereference in aes256_encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVP_CIPHER_CTX_new.

7.5

CVE-2022-39830

Exploit
  • EPSS 0.42%
  • Veröffentlicht 05.09.2022 04:15:08
  • Zuletzt bearbeitet 21.11.2024 07:18:20

sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_public_key_affine_coordinates, leading to a denial of service.

7.5

CVE-2022-36621

  • EPSS 0.59%
  • Veröffentlicht 01.09.2022 21:15:10
  • Zuletzt bearbeitet 21.11.2024 07:13:25

Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_AllocateTransientObject.