SB2023060622 - Multiple vulnerabilities in Samsung Mobile Firmware
Published: June 6, 2023
Description
This security bulletin contains information about 52 security vulnerabilities.
1) Improper input validation (CVE-ID: CVE-2023-21121)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
2) Improper input validation (CVE-ID: CVE-2023-21126)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
3) Improper input validation (CVE-ID: CVE-2023-21128)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
4) Improper input validation (CVE-ID: CVE-2023-21129)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
5) Improper input validation (CVE-ID: CVE-2023-21131)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
6) Improper input validation (CVE-ID: CVE-2023-21139)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
7) Information exposure (CVE-ID: CVE-2023-21105)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
8) Improper input validation (CVE-ID: CVE-2023-21136)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Framework component. A local application can perform a denial of service (DoS) attack.
9) Improper input validation (CVE-ID: CVE-2023-21137)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Framework component. A local application can perform a denial of service (DoS) attack.
10) Improper input validation (CVE-ID: CVE-2023-21143)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Framework component. A local application can perform a denial of service (DoS) attack.
11) Improper input validation (CVE-ID: CVE-2023-21115)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
12) Improper input validation (CVE-ID: CVE-2023-21122)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
13) Memory corruption (CVE-ID: CVE-2022-47488)
The vulnerability allows a local application to damage or delete data.
The vulnerability exists due to a possible out-of-bounds write caused by a missing bounds check within the spipe driver in the Kernel. A local application can damage or delete data.
14) Improper input validation (CVE-ID: CVE-2023-21123)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
15) Improper input validation (CVE-ID: CVE-2023-21124)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
16) Improper input validation (CVE-ID: CVE-2023-21135)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
17) Improper input validation (CVE-ID: CVE-2023-21138)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
18) Information exposure (CVE-ID: CVE-2023-21095)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
19) Information exposure (CVE-ID: CVE-2023-21141)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
20) Information exposure (CVE-ID: CVE-2023-21142)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
21) Improper input validation (CVE-ID: CVE-2023-21144)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the System component. A local application can perform a denial of service (DoS) attack.
22) Improper Privilege Management (CVE-ID: CVE-2023-21513)
The vulnerability allows an attacker to escalate privileges on the device.
The vulnerability exists due to improper privilege management in CC Mode. An attacker with physical access to the device can escalate privileges.
23) Out-of-bounds write (CVE-ID: CVE-2023-21517)
The vulnerability allows an attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in the Exynos baseband. A remote attacker within physical proximity of the device can trigger an out-of-bounds write and execute arbitrary code on the target device.
24) Improper access control (CVE-ID: CVE-2023-21512)
The vulnerability allows a malicious application to gain access to sensitive information.
The vulnerability exists due to improper Knox ID validation logic in notification framework. A malicious application can read work profile notifications without proper access permission.
25) Use-after-free (CVE-ID: CVE-2023-0266)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the snd_ctl_elem_read() function in the Linux kernel sound subsystem. A local user can trigger a use-after-free error and execute arbitrary code on the system.
Note, the vulnerability is being actively exploited in the wild.
26) Stack-based buffer overflow (CVE-ID: CVE-2022-47486)
The vulnerability allows a local privileged application to compromise the affected device.
The vulnerability exists due to a possible out of bounds read due to a missing bounds check within the ext4fsfilter driver in Kernel. A local privileged application can compromise the affected device.
27) Improper input validation (CVE-ID: CVE-2023-21127)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A remote attacker can trick the victim into opening a specially crafted file and execute arbitrary code.
28) Improper input validation (CVE-ID: CVE-2023-20698)
The vulnerability allows a local privileged application to gain access to sensitive information.
The vulnerability exists due to a missing bounds check within keyinstall. A local privileged application can gain access to sensitive information.
29) Improper input validation (CVE-ID: CVE-2023-21108)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A remote attacker can trick the victim into opening a specially crafted file and execute arbitrary code.
30) Improper input validation (CVE-ID: CVE-2023-21130)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A remote attacker can trick the victim into opening a specially crafted file and execute arbitrary code.
31) Buffer overflow (CVE-ID: CVE-2023-26085)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in the Arm NNAPI driver. A local application can trigger memory corruption and execute arbitrary code with elevated privileges.
32) Out-of-bounds read (CVE-ID: CVE-2022-46396)
The vulnerability allows a local application to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition. A local application can trigger an out-of-bounds read error and read contents of memory on the system.
33) Use-after-free (CVE-ID: CVE-2022-46891)
The vulnerability allows a local application to escalate privileges on the system.
34) Use-after-free (CVE-ID: CVE-2022-46395)
The vulnerability allows a local application to escalate privileges on the system.
35) Use-after-free (CVE-ID: CVE-2022-46394)
The vulnerability allows a local application to escalate privileges on the system.
36) Buffer overflow (CVE-ID: CVE-2021-0877)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error in PowerVR-GPU. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
37) Security features bypass (CVE-ID: CVE-2023-21102)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a logic error within the __efi_rt_asm_wrapper() function in efi-rt-wrapper.S. A local application can bypass the shadow stack protection and execute arbitrary code with elevated privileges.
38) Double Free (CVE-ID: CVE-2023-21106)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a boundary error within the adreno_set_param() function in adreno_gpu.c. A local application can trigger a double free error and execute arbitrary code with elevated privileges.
39) Improper input validation (CVE-ID: CVE-2023-20697)
The vulnerability allows a local privileged application to gain access to sensitive information.
The vulnerability exists due to a missing bounds check within keyinstall. A local privileged application can gain access to sensitive information.
40) Improper Access Control (CVE-ID: CVE-2023-20726)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to a missing permission check within mnld. A local application can gain access to sensitive information.
41) Stack-based buffer overflow (CVE-ID: CVE-2022-47470)
The vulnerability allows a local privileged application to compromise the affected device.
The vulnerability exists due to a possible out of bounds read due to a missing bounds check within the ext4fsfilter driver in Kernel. A local privileged application can compromise the affected device.
42) Improper input validation (CVE-ID: CVE-2023-20694)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within preloader. A local privileged application can execute arbitrary code.
43) Improper input validation (CVE-ID: CVE-2023-20695)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within preloader. A local privileged application can execute arbitrary code.
44) Improper input validation (CVE-ID: CVE-2023-20696)
The vulnerability allows a local privileged application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within preloader. A local privileged application can execute arbitrary code.
45) Type conversion (CVE-ID: CVE-2023-21665)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Graphics. A local application can execute arbitrary code.
46) Memory leak (CVE-ID: CVE-2023-21666)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Graphics. A local application can execute arbitrary code.
47) Reachable Assertion (CVE-ID: CVE-2022-40508)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in Modem. A remote attacker can perform a denial of service (DoS) attack.
48) Reachable Assertion (CVE-ID: CVE-2022-40504)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in Modem. A remote attacker can perform a denial of service (DoS) attack.
49) Reachable Assertion (CVE-ID: CVE-2022-34144)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in Modem. A remote attacker can perform a denial of service (DoS) attack.
50) NULL Pointer Dereference (CVE-ID: CVE-2022-33305)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in Modem. A remote attacker can perform a denial of service (DoS) attack.
51) Buffer overflow (CVE-ID: CVE-2022-47487)
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to a possible out-of-bounds write caused by a missing bounds check within the thermal service in Android. A remote attacker can trick the victim into opening a specially crafted file and read and manipulate data.
52) Out-of-bounds write (CVE-ID: CVE-2022-47469)
The vulnerability allows a local privileged application to compromise the affected device.
The vulnerability exists due to a possible out of bounds read due to a missing bounds check within the ext4fsfilter driver in Kernel. A local privileged application can compromise the affected device.
Remediation
Install the update from the vendor's website.