Vulnerabilities > CVE-2024-31960 - Use After Free vulnerability in Samsung Exynos 1480 Firmware and Exynos 2400 Firmware

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

samsung

CWE-416

NVD

Published: 2024-09-10

Updated: 2024-09-24

Summary

An issue was discovered in Samsung Mobile Processor Exynos 1480, Exynos 2400. The xclipse amdgpu driver has a reference count bug. This can lead to a use after free.

Vulnerable Configurations

Part	Description	Count
OS	Samsung Samsung Exynos 1480 Firmware - Samsung Exynos 2400 Firmware -	2
Hardware	Samsung Samsung Exynos 1480 - Samsung Exynos 2400 -	2

Common Weakness Enumeration (CWE)

CWE-416 - Use After Free

References

https://semiconductor.samsung.com/support/quality-support/product-security-updates/
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-31960/