CVE-2022-40757
published 2022-09-16CVE-2022-40757: A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
A Buffer Access with Incorrect Length Value vulnerablity in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| samsung | mtower | <= 0.3.0 | — |