CVE-2024-27361
MEDIUM EPSS 2.5%
Published Jul 9, 20241y ago · Modified Jun 17, 20261w ago
4.1 CVSS 3.1
Published Jul 9, 2024 1y ago
Last Modified Jun 17, 2026 1w ago
Description
A vulnerability was discovered in Samsung Mobile Processor Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, and Exynos 2400 that involves a time-of-check to time-of-use (TOCTOU) race condition, which can lead to a Denial of Service.
CVSS Details
Base Score
Exploitability
Impact
Vector string
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H Attack Vector Local
Attack Complexity High
Privileges Required High
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High
Threat Intelligence
EPSS Exploit Probability
2.5% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available
Weaknesses 1
CWE-367
Affected Products 16
| Vendor | Product | Version | Range |
|---|---|---|---|
| samsung | exynos_980_firmware | * | any |
| samsung | exynos_980 | * | any |
| samsung | exynos_990_firmware | * | any |
| samsung | exynos_990 | * | any |
| samsung | exynos_1080_firmware | * | any |
| samsung | exynos_1080 | * | any |
| samsung | exynos_2100_firmware | * | any |
| samsung | exynos_2100 | * | any |
| samsung | exynos_2200_firmware | * | any |
| samsung | exynos_2200 | * | any |
| samsung | exynos_1280_firmware | * | any |
| samsung | exynos_1280 | * | any |
| samsung | exynos_1380_firmware | * | any |
| samsung | exynos_1380 | * | any |
| samsung | exynos_2400_firmware | * | any |
| samsung | exynos_2400 | * | any |
References 2
- semiconductor.samsung.com https://semiconductor.samsung.com/support/quality-support/product-security-updates/
- semiconductor.samsung.com https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-27361/
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.