Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SAMSUNG mTower 安全漏洞
Vulnerability Description
SAMSUNG mTower是韩国三星(SAMSUNG)公司的一种新的可信执行环境 (TEE)。 SAMSUNG mTower 0.3.0版本存在安全漏洞,该漏洞源于TEE_PopulateTransientObject 和 _utee_from_attr 函数允许受信任的应用程序通过参数 attrCount 调用具有大量数字的函数 TEE_PopulateTransientObject 来触发内存覆盖、拒绝服务和信息泄露等。
CVSS Information
N/A
Vulnerability Type
N/A