First published: Fri Jan 07 2022(Updated: )
An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution.
Credit: mobile.security@samsung.com mobile.security@samsung.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | =9.0 | |
Google Android | =10.0 | |
Google Android | =11.0 | |
Google Android | =12.0 | |
Samsung Exynos | ||
Samsung mobile devices | ||
All of | ||
Any of | ||
Google Android | =9.0 | |
Google Android | =10.0 | |
Google Android | =11.0 | |
Google Android | =12.0 | |
Samsung Exynos | ||
All of | ||
Any of | ||
=9.0 | ||
=10.0 | ||
=11.0 | ||
=12.0 | ||
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-22265 is a use-after-free vulnerability found in Samsung mobile devices with selected Exynos chipsets.
CVE-2022-22265 allows for malicious memory write and code execution on Samsung mobile devices with selected Exynos chipsets.
The severity of CVE-2022-22265 is not available.
To fix CVE-2022-22265, it is recommended to install the security update provided by Samsung.
You can find more information about CVE-2022-22265 on the Samsung Mobile Security Updates website.