CVE-2024-46922 – A null pointer dereference vulnerability in Sam... (How to Fix)

Q: What is the severity of CVE-2024-46922?

CVE-2024-46922 has a CVSS score of 7.5 (HIGH). A null pointer dereference vulnerability in Samsung Exynos 1480 and 2400 mobile processors' Xclipse GPU driver allows attackers to cause denial of service by triggering a crash in the amdgpu_cs_parser_bos function. This affects devices using these specific Samsung processors, primarily certain Samsung Galaxy smartphones and tablets. The vulnerability requires local access to the device.

📋 TL;DR

A null pointer dereference vulnerability in Samsung Exynos 1480 and 2400 mobile processors' Xclipse GPU driver allows attackers to cause denial of service by triggering a crash in the amdgpu_cs_parser_bos function. This affects devices using these specific Samsung processors, primarily certain Samsung Galaxy smartphones and tablets. The vulnerability requires local access to the device.

💻 Affected Systems

Products:

Samsung Galaxy devices with Exynos 1480 processor
Samsung Galaxy devices with Exynos 2400 processor

Versions: All versions prior to Samsung's security patch addressing CVE-2024-46922

Operating Systems: Android with affected Samsung GPU drivers

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects devices with specific Samsung Exynos processors; other Samsung devices or processors are not vulnerable.

📦 What is this software?

Exynos 1480 Firmware by Samsung

View all CVEs affecting Exynos 1480 Firmware →

Exynos 2400 Firmware by Samsung

View all CVEs affecting Exynos 2400 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device crash requiring hard reboot, potentially causing data loss or corruption if exploited during critical operations.

🟠

Likely Case

Temporary denial of service causing application crashes or system instability until device restart.

🟢

If Mitigated

Minimal impact with proper patching; at most temporary performance degradation if exploit attempts are blocked.

🌐 Internet-Facing: LOW - Requires local access to device; not directly exploitable over network.

🏢 Internal Only: MEDIUM - Malicious apps or compromised users could exploit locally to disrupt device functionality.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local code execution or malicious app installation; not trivial to exploit remotely.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Samsung security patch addressing CVE-2024-46922 (specific version varies by device model)

Vendor Advisory: https://semiconductor.samsung.com/support/quality-support/product-security-updates/

Restart Required: No

Instructions:

1. Check for Samsung security updates in device Settings > Software update. 2. Install latest available update. 3. Verify patch is applied by checking security patch level in Settings > About phone > Software information.

🔧 Temporary Workarounds

Restrict app installations

android

Prevent installation of untrusted applications that could exploit the vulnerability.

Enable 'Install unknown apps' restriction in Android settings
Use enterprise mobile management to control app installations

🧯 If You Can't Patch

Isolate affected devices from critical networks and limit user privileges
Monitor for abnormal device crashes or instability as potential exploitation indicators

🔍 How to Verify

Check if Vulnerable:

Check device processor model in Settings > About phone > Hardware information and compare with affected Exynos 1480/2400 models.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level in Settings > About phone > Software information includes month/year after Samsung's CVE-2024-46922 patch release.

📡 Detection & Monitoring

Log Indicators:

Kernel panic logs mentioning amdgpu_cs_parser_bos
Android system logs showing unexpected GPU driver crashes

Network Indicators:

No direct network indicators - local exploitation only

SIEM Query:

source="android_system" AND ("amdgpu" OR "GPU crash" OR "kernel panic")

📊 Metadata

CVE ID: CVE-2024-46922

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

EPSS Score: 0.24% exploit probability (46.7th percentile)

Published: February 12, 2025

Last Updated: June 20, 2025

🔗 References

https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2024-46922, you might also want to check these: