CVE-2024-32504
First published: Thu Jun 13 2024(Updated: )
An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper length checking, which can result in an OOB (Out-of-Bounds) Write vulnerability.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Samsung Exynos 850 firmware | ||
| Samsung Exynos 850 | ||
| All of | ||
| Samsung Exynos 1080 Firmware | ||
| Samsung Exynos 1080 | ||
| All of | ||
| Samsung Exynos 2100 firmware | ||
| Samsung Exynos 2100 firmware | ||
| All of | ||
| Samsung Exynos 1280 firmware | ||
| Samsung Exynos 1280 | ||
| All of | ||
| Samsung Exynos 1380 firmware | ||
| Samsung Mobile Processor Exynos 1380 | ||
| All of | ||
| Samsung Exynos 1330 firmware | ||
| Samsung Exynos 1330 firmware | ||
| All of | ||
| Samsung Exynos W920 firmware | ||
| Samsung Exynos W920 firmware | ||
| All of | ||
| Samsung Exynos W930 firmware | ||
| Samsung Exynos W930 firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-32504?
CVE-2024-32504 is classified as a high severity vulnerability due to the potential for out-of-bounds write exploitation.
How do I fix CVE-2024-32504?
To mitigate CVE-2024-32504, ensure that you are using the latest firmware updates provided by Samsung for affected Exynos processors.
Which Samsung processors are affected by CVE-2024-32504?
CVE-2024-32504 affects Samsung Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, and Exynos W930.
What is an Out-of-Bounds Write vulnerability in CVE-2024-32504?
An Out-of-Bounds Write vulnerability allows an attacker to write data outside the allocated memory, potentially leading to system crashes or exploitation.
Can CVE-2024-32504 be exploited remotely?
Yes, CVE-2024-32504 can potentially be exploited remotely if the vulnerable software implementation is exposed to untrusted inputs.
- agent/references
- agent/type
- agent/first-publish-date
- agent/description
- agent/author
- agent/event
- agent/severity
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/samsung
- canonical/samsung exynos 850 firmware
- canonical/samsung exynos 850
- canonical/samsung exynos 1080 firmware
- canonical/samsung exynos 1080
- canonical/samsung exynos 2100 firmware
- canonical/samsung exynos 1280 firmware
- canonical/samsung exynos 1280
- canonical/samsung exynos 1380 firmware
- canonical/samsung mobile processor exynos 1380
- canonical/samsung exynos 1330 firmware
- canonical/samsung exynos w920 firmware
- canonical/samsung exynos w930 firmware