Vulnerabilities > CVE-2022-35858 - Memory Leak vulnerability in Samsung Mtower 0.3.0

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

samsung

CWE-401

NVD

Published: 2022-08-04

Updated: 2022-08-10

Summary

The TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount.

Vulnerable Configurations

Part	Description	Count
Application	Samsung Samsung Mtower 0.3.0	1

Common Weakness Enumeration (CWE)

CWE-401 - Improper Release of Memory Before Removing Last Reference ('Memory Leak')

References

https://github.com/Samsung/mTower/issues/71
https://github.com/Samsung/mTower/blob/18f4b592a8a973ce5972f4e2658ea0f6e3686284/tee/lib/libutee/tee_api_objects.c#L283