CVE-2020-10841 - An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 9610 chipsets) sof

CVE-2020-10841

Summary

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 9610 chipsets) software. There is an arbitrary kfree in the vipx and vertex drivers. The Samsung ID is SVE-2019-16294 (February 2020).

References

https://security.samsungmobile.com/securityUpdate.smsb

Vulnerable Configurations

cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9610:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9610:-:*:*:*:*:*:*:*

CVSS

Base:	4.6 (as of 26-03-2020 - 19:15)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:P

refmap via4

confirm

https://security.samsungmobile.com/securityUpdate.smsb

Last major update

26-03-2020 - 19:15

Published

24-03-2020 - 18:15

Last modified

26-03-2020 - 19:15