Total
10 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-40759 | 1 Samsung | 1 Mtower | 2022-09-21 | N/A | 7.5 HIGH |
| A NULL pointer dereference issue in the TEE_MACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACCompareFinal with a NULL pointer for the parameter operation. | |||||
| CVE-2022-40758 | 1 Samsung | 1 Mtower | 2022-09-21 | N/A | 7.5 HIGH |
| A Buffer Access with Incorrect Length Value vulnerablity in the TEE_CipherUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_CipherUpdate with an excessive size value of srcLen. | |||||
| CVE-2022-40757 | 1 Samsung | 1 Mtower | 2022-09-21 | N/A | 7.5 HIGH |
| A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen. | |||||
| CVE-2022-40761 | 1 Samsung | 1 Mtower | 2022-09-21 | N/A | 7.5 HIGH |
| The function tee_obj_free in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_AllocateOperation with a disturbed heap layout, related to utee_cryp_obj_alloc. | |||||
| CVE-2022-40760 | 1 Samsung | 1 Mtower | 2022-09-21 | N/A | 7.5 HIGH |
| A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACUpdate with an excessive size value of chunkSize. | |||||
| CVE-2022-40762 | 1 Samsung | 1 Mtower | 2022-09-21 | N/A | 7.5 HIGH |
| A Memory Allocation with Excessive Size Value vulnerablity in the TEE_Realloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_Realloc with an excessive number for the parameter len. | |||||
| CVE-2022-36622 | 1 Samsung | 1 Mtower | 2022-09-07 | N/A | 7.5 HIGH |
| Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_GetObjectInfo1. | |||||
| CVE-2022-36621 | 1 Samsung | 1 Mtower | 2022-09-07 | N/A | 7.5 HIGH |
| Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_AllocateTransientObject. | |||||
| CVE-2022-38155 | 1 Samsung | 1 Mtower | 2022-08-15 | N/A | 7.5 HIGH |
| TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive Memory Allocation via a large len value, as demonstrated by a Numaker-PFM-M2351 TEE kernel crash. | |||||
| CVE-2022-35858 | 1 Samsung | 1 Mtower | 2022-08-10 | N/A | 7.8 HIGH |
| The TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount. | |||||