Samsung Mobile Devices vulnerabilities

CVE-2022-28794 [LOW] CWE-213 CVE-2022-28794: Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows l Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows local attackers to get SIM card information.

CVE-2022-30728 [LOW] CWE-213 CVE-2022-30728: Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attacker Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.

CVE-2022-30714 [LOW] CWE-213 CVE-2022-30714: Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local att Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.

CVE-2022-28783 [HIGH] CWE-20 CVE-2022-28783: Improper validation of removing package name in Galaxy Themes prior to SMR May-2022 Release 1 allows Improper validation of removing package name in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to uninstall arbitrary packages without permission. The patch adds proper validation logic for removing package name.

CVE-2022-28781 [MEDIUM] CWE-20 CVE-2022-28781: Improper input validation in Settings prior to SMR-May-2022 Release 1 allows attackers to launch arb Improper input validation in Settings prior to SMR-May-2022 Release 1 allows attackers to launch arbitrary activity with system privilege. The patch adds proper validation logic to check the caller.

CVE-2022-28785 [MEDIUM] CWE-125 CVE-2022-28785: Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.

CVE-2022-28782 [MEDIUM] CWE-424 CVE-2022-28782: Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows p Improper access control vulnerability in Contents To Window prior to SMR May-2022 Release 1 allows physical attacker to install package before completion of Setup wizard. The patch blocks entry point of the vulnerability.

CVE-2022-28793 [MEDIUM] CWE-754 CVE-2022-28793: Given the TEE is compromised and controlled by the attacker, improper state maintenance in StrongBox Given the TEE is compromised and controlled by the attacker, improper state maintenance in StrongBox allows attackers to change Android ROT during device boot cycle after compromising TEE. The patch is applied in Galaxy S22 to prevent change of Android ROT after first initialization at boot time.

CVE-2022-28786 [MEDIUM] CWE-125 CVE-2022-28786: Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.

CVE-2022-28787 [MEDIUM] CWE-125 CVE-2022-28787: Improper buffer size check logic in wmfextractor library prior to SMR May-2022 Release 1 allows out Improper buffer size check logic in wmfextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.

CVE-2022-28780 [MEDIUM] CWE-284 CVE-2022-28780: Improper access control vulnerability in Weather prior to SMR May-2022 Release 1 allows that attacke Improper access control vulnerability in Weather prior to SMR May-2022 Release 1 allows that attackers can access location information that set in Weather without permission. The patch adds proper protection to prevent access to location information.

CVE-2022-28788 [MEDIUM] CWE-125 CVE-2022-28788: Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out Improper buffer size check logic in aviextractor library prior to SMR May-2022 Release 1 allows out of bounds read leading to possible temporary denial of service. The patch adds buffer size check logic.

CVE-2022-28784 [LOW] CWE-22 CVE-2022-28784: Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to li Path traversal vulnerability in Galaxy Themes prior to SMR May-2022 Release 1 allows attackers to list file names in arbitrary directory as system user. The patch addresses incorrect implementation of file path validation check logic.

CVE-2022-27568 [CRITICAL] CWE-122 CVE-2022-27568: Heap-based buffer overflow vulnerability in parser_iloc function in libsimba library prior to SMR Ap Heap-based buffer overflow vulnerability in parser_iloc function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.

CVE-2022-27572 [CRITICAL] CWE-122 CVE-2022-27572: Heap-based buffer overflow vulnerability in parser_ipma function of libsimba library prior to SMR Ap Heap-based buffer overflow vulnerability in parser_ipma function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers.

CVE-2022-26098 [CRITICAL] CWE-122 CVE-2022-26098: Heap-based buffer overflow vulnerability in sheifd_create function of libsimba library prior to SMR Heap-based buffer overflow vulnerability in sheifd_create function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers.

CVE-2022-26093 [CRITICAL] CWE-476 CVE-2022-26093: Null pointer dereference vulnerability in parser_irot function in libsimba library prior to SMR Apr- Null pointer dereference vulnerability in parser_irot function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.

CVE-2022-27569 [CRITICAL] CWE-122 CVE-2022-27569: Heap-based buffer overflow vulnerability in parser_infe function in libsimba library prior to SMR Ap Heap-based buffer overflow vulnerability in parser_infe function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.

CVE-2022-26096 [CRITICAL] CWE-476 CVE-2022-26096: Null pointer dereference vulnerability in parser_ispe function in libsimba library prior to SMR Apr- Null pointer dereference vulnerability in parser_ispe function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker.

CVE-2022-27567 [CRITICAL] CWE-476 CVE-2022-27567: Null pointer dereference vulnerability in parser_hvcC function of libsimba library prior to SMR Apr- Null pointer dereference vulnerability in parser_hvcC function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attackers.