Integer Overflow Vulnerability in Samsung Mobile Devices (SVE-2017-9008 and SVE-2017-9009)

Integer Overflow Vulnerability in Samsung Mobile Devices (SVE-2017-9008 and SVE-2017-9009)

CVE-2017-18651 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. There is an Integer Overflow in process_M_SetTokenTUIPasswd during handling of a trusted application, leading to memory corruption. The Samsung IDs are SVE-2017-9008 and SVE-2017-9009 (October 2017).

Learn more about our Cis Benchmark Audit For Mobile Devices.