CVE-2022-40762 An excessive size value vulnerability in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service.

An attacker can send a very large value to the function TEE_Realloc, triggering a buffer overflow and crashing the application. This issue can be exploited remotely via a maliciously crafted application. This issue affects the Galaxy S10 and S10+. Samsung mTower through 0.3.0 contains a Memory Allocation with Excessive Size Value vulnerability.

CVE-2019-0537 The TEE_Realloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_Realloc with an excessive number for the parameter len.

CVE-2019-0538 The TEE_Realloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_Realloc with an excessive number for the parameter len.

Galaxy S10 and S10+ Software Analysis

An attacker can send a very large value to the function TEE_Realloc, triggering a buffer overflow and crashing the application. This issue can be exploited remotely via a maliciously crafted application. This issue affects the Galaxy S10 and S10+.
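The mitigation for this bug class is to validate the caller-supplied len before it reaches the allocator. The sketch below is an added example, not mTower's code: `bounded_realloc`, `bounded_free`, `heap_in_use` and the `TA_HEAP_MAX` budget are hypothetical names and values, and the standard `realloc` stands in for the TEE heap.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define TA_HEAP_MAX ((size_t)64 * 1024)   /* assumed per-TA heap budget (constructed value) */

/* Header stored in front of each block; the union keeps the payload aligned. */
typedef union { size_t len; max_align_t align; } hdr_t;

static size_t heap_used;                  /* payload bytes currently allocated */

size_t heap_in_use(void) { return heap_used; }

/* Hypothetical wrapper: resize buf to len bytes, or return NULL and leave buf untouched. */
void *bounded_realloc(void *buf, size_t len)
{
    hdr_t *old = buf ? (hdr_t *)buf - 1 : NULL;
    size_t old_len = old ? old->len : 0;

    /* Check the caller-supplied size first, so the additions below cannot wrap. */
    if (len > TA_HEAP_MAX)
        return NULL;
    if (heap_used - old_len + len > TA_HEAP_MAX)
        return NULL;

    hdr_t *blk = realloc(old, sizeof(hdr_t) + len);
    if (blk == NULL)
        return NULL;                      /* realloc failed: old block is still valid */
    if (len > old_len)                    /* zero the newly exposed tail */
        memset((unsigned char *)(blk + 1) + old_len, 0, len - old_len);
    heap_used = heap_used - old_len + len;
    blk->len = len;
    return blk + 1;
}

void bounded_free(void *buf)
{
    if (buf == NULL)
        return;
    hdr_t *blk = (hdr_t *)buf - 1;
    heap_used -= blk->len;
    free(blk);
}

int main(void)
{
    void *p = bounded_realloc(NULL, 128);
    printf("excessive len rejected: %d\n", bounded_realloc(p, SIZE_MAX) == NULL);
    bounded_free(p);
    return 0;
}
```

A rejected request returns NULL without touching the existing block or the accounting, so the caller can report an out-of-memory error instead of crashing.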

Timeline

Published on: 09/16/2022 22:15:00 UTC
Last modified on: 09/21/2022 19:35:00 UTC

References