CVE-2024-31957

HIGH EPSS 23.5%

Published Jul 9, 20241y ago · Modified Jun 17, 20261w ago

7.5 CVSS 3.1

High

Published Jul 9, 2024 1y ago

Last Modified Jun 17, 2026 1w ago

Description

A vulnerability was discovered in Samsung Mobile Processors Exynos 2200 and Exynos 2400 where they lack a check for the validation of native handles, which can result in a DoS(Denial of Service) attack by unmapping an invalid length.

CVSS Details

Base Score

7.5

Exploitability

3.9

Impact

3.6

Vector string

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction None

Scope Unchanged

Confidentiality None

Integrity None

Availability High

Threat Intelligence

EPSS Exploit Probability

23.5% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 1

CWE-1284

Affected Products 4

Vendor	Product	Version	Range
samsung	exynos_2200_firmware	*	any
samsung	exynos_2200	*	any
samsung	exynos_2400_firmware	*	any
samsung	exynos_2400	*	any

References 2

semiconductor.samsung.com https://semiconductor.samsung.com/support/quality-support/product-security-updates/

Vendor Advisory
semiconductor.samsung.com https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-31957/

Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.