Buffer overflow in Samsung products - CVE-2024-49197
Published: May 29, 2025
Vulnerability identifier: #VU109919
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2024-49197
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Samsung
Affected software:
Exynos 980
Exynos 850
Exynos 1080
Exynos 1280
Exynos 1330
Exynos 1380
Exynos 1480
Exynos W920
Exynos W930
Exynos W1000
Exynos 980
Exynos 850
Exynos 1080
Exynos 1280
Exynos 1330
Exynos 1380
Exynos 1480
Exynos W920
Exynos W930
Exynos W1000
Detailed vulnerability description
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to a boundary error in STOP_KEEP_ALIVE_OFFLOAD. A remote attacker can trigger memory corruption and gain access to the target system.
How to mitigate CVE-2024-49197
Install updates from vendor's website.