CVE-2022-40762
First published: Fri Sep 16 2022(Updated: )
A Memory Allocation with Excessive Size Value vulnerablity in the TEE_Realloc function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_Realloc with an excessive number for the parameter len.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung mTower | <=0.3.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-40762.
What is the severity level of CVE-2022-40762?
CVE-2022-40762 has a severity level of high.
What is the affected software?
The affected software is Samsung mTower version up to and including 0.3.0.
How can this vulnerability be exploited?
This vulnerability can be exploited by a trusted application invoking the TEE_Realloc function with an excessive value for the parameter len, leading to a Denial of Service (DoS) attack.
Are there any known fixes or patches for this vulnerability?
At the moment, there is no information available regarding fixes or patches for this vulnerability. It is recommended to monitor the official Samsung mTower repository or contact Samsung for updates.
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/samsung
- canonical/samsung mtower
- version/samsung mtower/0.3.0