CVE-2024-27361

MEDIUM EPSS 2.5%
Published Jul 9, 20241y ago · Modified Jun 17, 20261w ago
4.1 CVSS 3.1
Medium
Find Similar
Published Jul 9, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

A vulnerability was discovered in Samsung Mobile Processor Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, and Exynos 2400 that involves a time-of-check to time-of-use (TOCTOU) race condition, which can lead to a Denial of Service.

CVSS Details

Base Score
4.1
Exploitability
0.5
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity High
Privileges Required High
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
2.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-367

Affected Products 16

VendorProductVersionRange
samsungexynos_980_firmware*any
samsungexynos_980*any
samsungexynos_990_firmware*any
samsungexynos_990*any
samsungexynos_1080_firmware*any
samsungexynos_1080*any
samsungexynos_2100_firmware*any
samsungexynos_2100*any
samsungexynos_2200_firmware*any
samsungexynos_2200*any
samsungexynos_1280_firmware*any
samsungexynos_1280*any
samsungexynos_1380_firmware*any
samsungexynos_1380*any
samsungexynos_2400_firmware*any
samsungexynos_2400*any

References 2

  • semiconductor.samsung.com https://semiconductor.samsung.com/support/quality-support/product-security-updates/
    Vendor Advisory
  • semiconductor.samsung.com https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-27361/
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.