Skip to content

CVE-2024-27386

In the function slsi_handle_nan_rx_event_log_ind(), there is no input validation check on tag_len for tx coming from userspace, which can lead to heap overwrite in Samsung Mobile Processor

Jul 01, 2024

This table summarizes key information about the CVE-2024-27386, including its identifier, title, affected products, versions, severity, reporting date, patched versions, and acknowledgement status.
Category Content
CVE ID CVE-2024-27386
Description In the function slsi_handle_nan_rx_event_log_ind(), there is no input validation check on tag_len for tx coming from userspace, which can lead to heap overwrite in Samsung Mobile Processor
Affected Version Exynos 1380, Exynos 1480
Severity Medium
Reported Date 2024-01-31
Acknowledgment jiayy

Would you like to
leave this page?
If you leave this page, the content you are creating
will not be saved.

Registration Are you sure you want to submit this?

Thank you! Please confirm your registration

Your subscription is not active yet!
An email with an activation link
has just been sent to your email address.
Please activate your subscription by clicking on
the activation link inside the email.

Confirm
Thank you! Please confirm

your existing registration

You have already registered, but before we can send you the
information about upcoming events, we need your confirmation.

If you missed our previous email, please use the button below to resend it.
To activate your subscription, please click on the link included in the email.

Resend
Alert

To proceed, please click on the "check" button located in the email section.

Confirm