CVE-2024-27367
📋 TL;DR
This vulnerability in Samsung Exynos mobile and wearable processors is a missing length check in slsi_rx_scan_ind(), the routine in the Samsung LSI (SLSI) kernel Wi-Fi driver that handles scan-result indications from the Wi-Fi firmware. Because a length taken from the indication is used without validation, the arithmetic can overflow and the driver reads past the end of a heap buffer (heap over-read). The consequences are disclosure of kernel heap contents or a kernel crash. Affected devices are smartphones and wearables built on the Exynos processors listed below.
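The following C program is an added illustration of the bug class described above (a missing length check that produces an integer overflow and then a heap over-read) in a scan-result parser. It is not the Samsung SLSI driver code and not taken from the vendor advisory: the message layout (header length in byte 0, IE length in byte 1), the function names and the 512-byte "heap" arena are all invented for the example so that the over-read stays inside memory the program owns. The vulnerable parser adds two 8-bit lengths in an 8-bit type, so the sum wraps and the bounds check passes; the hardened parser widens first and bounds the IE length by subtraction from the known message size.

```c
/* Added example, not the Samsung SLSI driver: hypothetical scan-indication
 * parser showing the missing-length-check -> integer overflow -> heap
 * over-read pattern, beside a hardened version. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Hypothetical layout: byte 0 = header length, byte 1 = length of the
 * 802.11 information-element (IE) blob that follows the header. In a real
 * driver both values arrive from the Wi-Fi firmware and the IE bytes
 * originate in beacons and probe responses. */
#define OFF_HDR_LEN 0
#define OFF_IE_LEN  1
#define HDR_MIN     16          /* fixed header size in this example */
#define ARENA_SIZE  512
#define MSG_SIZE    HDR_MIN     /* malicious message as allocated: header only */

/* Stand-in for the kernel heap (constructed for the example): the message
 * sits at the front, an unrelated "secret" object sits right after it. */
static uint8_t arena[ARENA_SIZE];

/* Vulnerable: the total is computed in the same 8-bit type as the fields,
 * so hdr_len + ie_len wraps, the check passes, and memcpy reads past the
 * end of the 16-byte message into the neighbouring object. */
static int copy_ies_unchecked(const uint8_t *msg, size_t msg_len,
                              uint8_t *out, size_t out_cap)
{
    uint8_t hdr_len = msg[OFF_HDR_LEN];
    uint8_t ie_len  = msg[OFF_IE_LEN];
    uint8_t total   = (uint8_t)(hdr_len + ie_len);   /* 0x10 + 0xF8 = 0x108 -> 0x08 */

    if ((size_t)total > msg_len)      /* 8 > 16 is false: check defeated */
        return -1;
    if ((size_t)ie_len > out_cap)
        return -1;
    memcpy(out, msg + hdr_len, ie_len);   /* 248 bytes read from a 16-byte message */
    return ie_len;
}

/* Hardened: widen before arithmetic, validate the header offset, and bound
 * ie_len by subtraction from the message size so nothing can wrap. */
static int copy_ies_checked(const uint8_t *msg, size_t msg_len,
                            uint8_t *out, size_t out_cap)
{
    size_t hdr_len, ie_len;
    if (msg_len < HDR_MIN)
        return -1;
    hdr_len = msg[OFF_HDR_LEN];
    ie_len  = msg[OFF_IE_LEN];
    if (hdr_len < HDR_MIN || hdr_len > msg_len)
        return -1;
    if (ie_len > msg_len - hdr_len)   /* IEs must fit inside the message */
        return -1;
    if (ie_len > out_cap)
        return -1;
    memcpy(out, msg + hdr_len, ie_len);
    return (int)ie_len;
}

/* Malicious 16-byte message whose ie_len makes the 8-bit sum wrap, followed
 * by bytes ('S') that a correct parser must never hand back. */
static void build_malicious_arena(void)
{
    memset(arena, 0, sizeof arena);
    arena[OFF_HDR_LEN] = HDR_MIN;
    arena[OFF_IE_LEN]  = 0xF8;
    memset(arena + MSG_SIZE, 'S', ARENA_SIZE - MSG_SIZE);   /* neighbouring object */
}

/* How many neighbouring-object bytes the vulnerable parser leaks (248). */
static int leaked_bytes_unchecked(void)
{
    uint8_t out[256];
    int n, i, leaked = 0;
    build_malicious_arena();
    n = copy_ies_unchecked(arena, MSG_SIZE, out, sizeof out);
    for (i = 0; i < n; i++)
        leaked += (out[i] == 'S');
    return leaked;
}

/* The hardened parser on the same message: -1 means rejected. */
static int result_checked_malicious(void)
{
    uint8_t out[256];
    build_malicious_arena();
    return copy_ies_checked(arena, MSG_SIZE, out, sizeof out);
}

/* A well-formed message (header plus a 6-byte SSID IE) still parses. */
static int result_checked_benign(void)
{
    static const uint8_t ie[6] = { 0x00, 0x04, 'h', 'o', 'm', 'e' };
    uint8_t out[256];
    memset(arena, 0, sizeof arena);
    arena[OFF_HDR_LEN] = HDR_MIN;
    arena[OFF_IE_LEN]  = sizeof ie;
    memcpy(arena + HDR_MIN, ie, sizeof ie);
    return copy_ies_checked(arena, HDR_MIN + sizeof ie, out, sizeof out);
}

int main(void)
{
    printf("unchecked parser leaked %d neighbouring bytes\n", leaked_bytes_unchecked());
    printf("checked parser, malicious message: %d\n", result_checked_malicious());
    printf("checked parser, benign message: %d\n", result_checked_benign());
    return 0;
}
```

The point of the hardened version is the order of operations: every length is widened to size_t before any arithmetic, the header offset is validated against the real message size first, and the IE length is compared against `msg_len - hdr_len` (a subtraction that cannot wrap once `hdr_len <= msg_len` is known) rather than against a sum of two attacker-influenced values.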
💻 Affected Systems
- Samsung Mobile Processor: Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480
- Samsung Wearable Processor: Exynos W920, Exynos W930
📦 What is this software?
Exynos is Samsung's family of system-on-chip processors used in Samsung smartphones (the Mobile Processor line) and Galaxy smartwatches (the Wearable Processor line). The affected function, slsi_rx_scan_ind(), belongs to the Samsung LSI (SLSI) Wi-Fi driver that runs in the device kernel and processes scan-result indications delivered by the Wi-Fi firmware, so the bug sits in kernel code rather than in an app or a user-space service.
⚠️ Risk & Real-World Impact
Worst Case
Disclosure of kernel heap contents (which can expose sensitive data and weaken kernel address-space randomization) or a kernel panic that reboots the device. The advisory describes an over-read, not an out-of-bounds write, so code execution is not indicated by this issue on its own.
Likely Case
Wi-Fi driver crashes or device reboots (denial of service), or limited leakage of kernel heap memory
If Mitigated
Minimal impact with proper memory protections and exploit mitigations in place
🎯 Exploit Status
The vulnerable code handles Wi-Fi scan results in the kernel driver, so the trigger path runs through Wi-Fi scanning rather than through an app API. This page does not establish whether the condition can be reached purely over the air or only with local access or a malicious app installed; treat both as possible until the patch is applied. No public exploit is known at this time.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check Samsung security updates for specific device firmware versions
Vendor Advisory: https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2024-27367/
Restart Required: Yes
Instructions:
1. Check for security updates in device settings.
2. Apply the available firmware update from Samsung.
3. Reboot the device after the update installs.
🔧 Temporary Workarounds
Restrict app installation
Only install apps from trusted sources such as official app stores.
Disable unnecessary wireless features
Turn off Wi-Fi when it is not needed. On Android, also disable the separate "Wi-Fi scanning" option under location settings, which lets the device keep scanning for networks even while Wi-Fi is switched off.
🧯 If You Can't Patch
- Keep Wi-Fi off on affected devices when not in use and avoid joining untrusted networks
- Implement application allowlisting to prevent installation of untrusted apps
🔍 How to Verify
Check if Vulnerable:
Check device model and processor information in Settings > About Phone, then compare with affected processor list
Check Version:
No single command; read the model and processor from the device settings interface
Verify Fix Applied:
Check the security patch level in Settings > About Phone > Software Information and confirm it is April 2024 or later; the vendor advisory linked above lists the affected processors and the patch status.
📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- Wi-Fi driver crash reports
- Memory corruption warnings in system logs (for example kernel messages naming the Wi-Fi driver)
Network Indicators:
- Unusual Wi-Fi scan activity, or unexpected access points in range of affected devices
SIEM Query:
No ready-made query; filter device logs for kernel panics or Wi-Fi driver crash reports on Samsung devices whose processor is in the affected list, and correlate with the security patch level reported by the device.