Stack-based buffer overflow in OTP TrustZone trustlet on Samsung mobile devices with software through 2016-09-13 (Exynos AP chipsets)

Stack-based buffer overflow in OTP TrustZone trustlet on Samsung mobile devices with software through 2016-09-13 (Exynos AP chipsets)

CVE-2016-11028 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered on Samsung mobile devices with software through 2016-09-13 (Exynos AP chipsets). There is a stack-based buffer overflow in the OTP TrustZone trustlet. The Samsung IDs are SVE-2016-7173 and SVE-2016-7174 (December 2016).

Learn more about our Cis Benchmark Audit For Mobile Devices.