This issue has been fixed in this firmware version. Firmware versions lower than 3.1_PRE or higher than 4.0_PDM are not affected. Users are advised to update their systems as soon as possible.
A race condition was discovered in the way SysV init scripts parse the /etc/crypttab file. This could lead to a denial of service if /etc/crypttab was writable by a user with a limited account.
A race condition was discovered in the way SysV init scripts parse the /etc/fstab file. This could lead to a denial of service if /etc/fstab was writable by a user with a limited account.
A race condition was discovered in the way SysV init scripts parse the /etc/grub/grub.conf file. This could lead to a denial of service if /etc/grub.conf was writable by a user with a limited account.
An issue was discovered in Samsung Tizen through 3.0_GBM (and 3.1_PRE). There is an unchecked return value in the Linux kernel in the snd_ctl_add function, causing a possible buffer overflow.
An issue was discovered in Samsung Tizen through 3.0_GBM (and 3.1_PRE). There is an unchecked return value in the Linux kernel in the snd_indirect_buffer function, causing a possible buffer
Fixed vulnerabilities in the current firmware
This issue has been fixed in this firmware version. Firmware versions lower than 3.1_PRE or higher than 4.0_PDM are not affected. Users are advised to update their systems as soon as possible. The most recent firmware releases for affected products will be available on the Samsung website going forward, and you can also check if your device is affected by checking the list of vulnerable models at http://www.samsungsecurity appliance .com/
CERTIFICATION
System Firmware Updates and Security
The following firmware versions are affected:
- 3.1_PRE, 3.2_PRE, 4.0_PDM, 4.1_PRE, 4.2_PQC
Mitigation Strategies
Users are advised to update their systems as soon as possible.
Timeline
Published on: 09/29/2022 03:15:00 UTC
Last modified on: 09/30/2022 20:04:00 UTC
References
- https://github.com/Samsung/TizenRT/blob/f8f776dd183246ad8890422c1ee5e8f33ab2aaaf/external/iotivity/iotivity_1.2-rel/resource/csdk/security/provisioning/src/provisioningdatabasemanager.c#L103
- https://github.com/Samsung/TizenRT/issues/5628
- https://www.sqlite.org/c3ref/exec.html
- https://github.com/Samsung/TizenRT/blob/f8f776dd183246ad8890422c1ee5e8f33ab2aaaf/external/iotivity/iotivity_1.2-rel/resource/csdk/security/provisioning/src/provisioningdatabasemanager.c#L107
- https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-40278