← Back

CVE-2024-27361

nvd nist
Published: Jul 9, 2024Modified: Jun 26, 2025

JSON object

Loading...
4.1
Vector
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Exploitability: 0.5 / Impact: 3.6
Source: NVD

Description

A vulnerability was discovered in Samsung Mobile Processor Exynos 980, Exynos 990, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, and Exynos 2400 that involves a time-of-check to time-of-use (TOCTOU) race condition, which can lead to a Denial of Service.

Affected (8)

Samsung
8 products
Exynos 980 Firmware
Exynos 990 Firmware
Exynos 1080 Firmware
Exynos 2100 Firmware
Exynos 2200 Firmware
Exynos 1280 Firmware
Exynos 1380 Firmware
Exynos 2400 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Exynos 980 Firmware
All versions
Running on/withPlatform Versions
Samsung
Exynos 980
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Exynos 990 Firmware
All versions
Running on/withPlatform Versions
Samsung
Exynos 990
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Exynos 1080 Firmware
All versions
Running on/withPlatform Versions
Samsung
Exynos 1080
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Exynos 2100 Firmware
All versions
Running on/withPlatform Versions
Samsung
Exynos 2100
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Exynos 2200 Firmware
All versions
Running on/withPlatform Versions
Samsung
Exynos 2200
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Exynos 1280 Firmware
All versions
Running on/withPlatform Versions
Samsung
Exynos 1280
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Exynos 1380 Firmware
All versions
Running on/withPlatform Versions
Samsung
Exynos 1380
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Exynos 2400 Firmware
All versions
Running on/withPlatform Versions
Samsung
Exynos 2400
All versions

Related CWEs

CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.

References (4)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

Timeline

No history available yet.