Skip to content

CVE-2024-27385

In the function slsi_handle_nan_rx_event_log_ind(), there is no input validation check on tag_len for rx coming from userspace, which can lead to heap overwrite in Samsung Mobile Processor

Jul 01, 2024

This table summarizes key information about the CVE-2024-27385, including its identifier, title, affected products, versions, severity, reporting date, patched versions, and acknowledgement status.
Category Content
CVE ID CVE-2024-27385
Description In the function slsi_handle_nan_rx_event_log_ind(), there is no input validation check on tag_len for rx coming from userspace, which can lead to heap overwrite in Samsung Mobile Processor
Affected Version Exynos 1380, Exynos 1480
Severity Medium
Reported Date 2024-01-31
Acknowledgment jiayy