Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mtower
(Samsung)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-08-04 | CVE-2022-35858 | The TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount. | Mtower | 7.8 | ||
| 2022-08-11 | CVE-2022-38155 | TEE_Malloc in Samsung mTower through 0.3.0 allows a trusted application to achieve Excessive Memory Allocation via a large len value, as demonstrated by a Numaker-PFM-M2351 TEE kernel crash. | Mtower | 7.5 | ||
| 2022-09-01 | CVE-2022-36621 | Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_AllocateTransientObject. | Mtower | 7.5 | ||
| 2022-09-01 | CVE-2022-36622 | Samsung Electronics mTower v0.3.0 and earlier was discovered to contain a NULL pointer dereference via the function TEE_GetObjectInfo1. | Mtower | 7.5 | ||
| 2022-09-05 | CVE-2022-39828 | sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_private_key, leading to a denial of service. | Mtower | 7.5 | ||
| 2022-09-05 | CVE-2022-39830 | sign_pFwInfo in Samsung mTower through 0.3.0 has a missing check on the return value of EC_KEY_set_public_key_affine_coordinates, leading to a denial of service. | Mtower | 7.5 | ||
| 2022-09-05 | CVE-2022-39829 | There is a NULL pointer dereference in aes256_encrypt in Samsung mTower through 0.3.0 due to a missing check on the return value of EVP_CIPHER_CTX_new. | Mtower | 7.5 | ||
| 2022-09-16 | CVE-2022-40757 | A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen. | Mtower | 7.5 | ||
| 2022-09-16 | CVE-2022-40758 | A Buffer Access with Incorrect Length Value vulnerablity in the TEE_CipherUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_CipherUpdate with an excessive size value of srcLen. | Mtower | 7.5 | ||
| 2022-09-16 | CVE-2022-40759 | A NULL pointer dereference issue in the TEE_MACCompareFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACCompareFinal with a NULL pointer for the parameter operation. | Mtower | 7.5 |