CVE-2023-40218 Information

Description

An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820 980 2100 2200 1280 and 1380. An integer overflow can bypass detection of error cases via a crafted application.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Reference

https://semiconductor.samsung.com/support/quality-support/product-security-updates/

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

LOW

Base Score

NONE

Base Severity

3.3