CVE-2024-39890
First published: Mon Dec 02 2024(Updated: )
An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The baseband software does not properly check the length specified by the CC (Call Control). This can lead to an Out-of-Bounds write.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Samsung Exynos | >=980<=990>=850<=2100>=1280<=2200>=1330<=1380>=1480<=2400 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-39890?
The severity of CVE-2024-39890 is considered high due to improper input validation in the baseband software.
How do I fix CVE-2024-39890?
To fix CVE-2024-39890, users should update their devices to the latest firmware provided by Samsung that addresses this vulnerability.
Which devices are affected by CVE-2024-39890?
CVE-2024-39890 affects various Samsung mobile processors and wearable processors including Exynos 9820, 9825, and others listed in the vulnerability report.
What kind of attacks can exploit CVE-2024-39890?
CVE-2024-39890 can potentially allow attackers to cause denial of service or escalate privileges on affected devices.
Is there a workaround for CVE-2024-39890?
Currently, there are no known workarounds for CVE-2024-39890, and the recommended action is to apply the latest firmware updates.
- agent/references
- agent/first-publish-date
- agent/type
- agent/description
- agent/severity
- agent/author
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/weakness
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/samsung
- canonical/samsung exynos