CVE-2023-21459 - Vulnerability Details

Vendors	Products
Samsung	Android Exynos 2100

Link	Providers
https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-21459", "assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458", "assignerShortName": "Samsung Mobile", "dateUpdated": "2025-02-26T20:13:58.066Z", "dateReserved": "2022-11-14T00:00:00.000Z", "datePublished": "2023-03-16T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "3af57064-a867-422c-b2ad-40307b65c458", "shortName": "Samsung Mobile", "dateUpdated": "2023-03-16T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault."}], "affected": [{"vendor": "Samsung Mobile", "product": "Samsung Mobile Devices", "versions": [{"version": "Android 11, 12, 13 devices with Exynos2100 chipset", "status": "affected", "lessThan": "SMR Mar-2023 Release 1", "versionType": "custom"}]}], "references": [{"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseScore": 5, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "CWE - 416 : Use After Free"}]}], "source": {"discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:36:34.513Z"}, "title": "CVE Program Container", "references": [{"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-26T20:13:48.372280Z", "id": "CVE-2023-21459", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-26T20:13:58.066Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

state : PUBLISHED (string)

cveId : CVE-2023-21459 (string)

assignerOrgId : 3af57064-a867-422c-b2ad-40307b65c458 (string)

assignerShortName : Samsung Mobile (string)

dateUpdated : 2025-02-26T20:13:58.066Z (string)

dateReserved : 2022-11-14T00:00:00.000Z (string)

datePublished : 2023-03-16T00:00:00.000Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 3af57064-a867-422c-b2ad-40307b65c458 (string)

shortName : Samsung Mobile (string)

dateUpdated : 2023-03-16T00:00:00.000Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault. (string)

}

]

affected : [ »

0 : { »

vendor : Samsung Mobile (string)

product : Samsung Mobile Devices (string)

versions : [ »

0 : { »

version : Android 11, 12, 13 devices with Exynos2100 chipset (string)

status : affected (string)

lessThan : SMR Mar-2023 Release 1 (string)

versionType : custom (string)

}

]

}

]

references : [ »

0 : { »

url : https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03 (string)

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

version : 3.1 (string)

vectorString : CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L (string)

attackVector : LOCAL (string)

attackComplexity : HIGH (string)

privilegesRequired : HIGH (string)

userInteraction : NONE (string)

scope : CHANGED (string)

confidentialityImpact : LOW (string)

integrityImpact : LOW (string)

availabilityImpact : LOW (string)

baseScore : 5 (number)

baseSeverity : MEDIUM (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

type : text (string)

lang : en (string)

description : CWE - 416 : Use After Free (string)

}

]

}

]

source : { »

discovery : UNKNOWN (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T09:36:34.513Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

1 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2025-02-26T20:13:48.372280Z (string)

id : CVE-2023-21459 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2025-02-26T20:13:58.066Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-21459", "assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458", "assignerShortName": "Samsung Mobile", "dateUpdated": "2025-02-26T20:13:58.066Z", "dateReserved": "2022-11-14T00:00:00.000Z", "datePublished": "2023-03-16T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "3af57064-a867-422c-b2ad-40307b65c458", "shortName": "Samsung Mobile", "dateUpdated": "2023-03-16T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault."}], "affected": [{"vendor": "Samsung Mobile", "product": "Samsung Mobile Devices", "versions": [{"version": "Android 11, 12, 13 devices with Exynos2100 chipset", "status": "affected", "lessThan": "SMR Mar-2023 Release 1", "versionType": "custom"}]}], "references": [{"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L", "attackVector": "LOCAL", "attackComplexity": "HIGH", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseScore": 5, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "CWE - 416 : Use After Free"}]}], "source": {"discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:36:34.513Z"}, "title": "CVE Program Container", "references": [{"url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03", "tags": ["x_transferred"]}]}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-21459", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-26T20:13:48.372280Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-26T20:13:53.295Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

state : PUBLISHED (string)

cveId : CVE-2023-21459 (string)

assignerOrgId : 3af57064-a867-422c-b2ad-40307b65c458 (string)

assignerShortName : Samsung Mobile (string)

dateUpdated : 2025-02-26T20:13:58.066Z (string)

dateReserved : 2022-11-14T00:00:00.000Z (string)

datePublished : 2023-03-16T00:00:00.000Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 3af57064-a867-422c-b2ad-40307b65c458 (string)

shortName : Samsung Mobile (string)

dateUpdated : 2023-03-16T00:00:00.000Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault. (string)

}

]

affected : [ »

0 : { »

vendor : Samsung Mobile (string)

product : Samsung Mobile Devices (string)

versions : [ »

0 : { »

version : Android 11, 12, 13 devices with Exynos2100 chipset (string)

status : affected (string)

lessThan : SMR Mar-2023 Release 1 (string)

versionType : custom (string)

}

]

}

]

references : [ »

0 : { »

url : https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03 (string)

}

]

metrics : [ »

0 : { »

cvssV3_1 : { »

version : 3.1 (string)

vectorString : CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L (string)

attackVector : LOCAL (string)

attackComplexity : HIGH (string)

privilegesRequired : HIGH (string)

userInteraction : NONE (string)

scope : CHANGED (string)

confidentialityImpact : LOW (string)

integrityImpact : LOW (string)

availabilityImpact : LOW (string)

baseScore : 5 (number)

baseSeverity : MEDIUM (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

type : text (string)

lang : en (string)

description : CWE - 416 : Use After Free (string)

}

]

}

]

source : { »

discovery : UNKNOWN (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T09:36:34.513Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2023-21459 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2025-02-26T20:13:48.372280Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2025-02-26T20:13:53.295Z (string)

}

]

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*", "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "0332BF16-0F1F-4733-ABCE-A1EA1366A5D9", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*", "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "D0E55E09-C2C9-43D1-8A1A-6D02F544E34A", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:*", "matchCriteriaId": "C26195A5-31BE-4116-8F31-9F25BE57AB52", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:*", "matchCriteriaId": "4C6114C5-C175-45E7-821E-6BA218F923DE", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "58BA232B-8D39-473A-91D0-D3AC03FDE8FB", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*", "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "AF2EADA0-5976-4711-A7A5-61594F3E2FEB", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:*", "matchCriteriaId": "6B59145B-5506-477C-8F9C-ABB0CE2CF631", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*", "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "655BEA94-9A83-4A56-8DDE-79ADC821C707", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:*", "matchCriteriaId": "B894D0C1-E66E-44B0-8FCA-2EE4290C4173", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*", "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "899F6BD2-47AF-4ADA-935D-90AB069E9BA4", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*", "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "40A783AA-91E7-426B-8A78-4EBE5D69A602", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*", "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "53968A3C-6E71-42B8-8671-6730D8C85603", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*", "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:*", "matchCriteriaId": "9BD8E899-427B-47D2-9168-446B0249868F", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "E923AF0F-34BA-40FE-AA20-B01366263B97", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:*", "matchCriteriaId": "78B14D1F-C536-4816-A076-B074E41EB0A9", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "AF2D00F4-B521-4D8F-84F8-DCE45B6349A1", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*", "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "EC4A2EBA-038B-44D5-84F3-FF326CD1C62D", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "0ABFBBDB-E935-4C54-865A-0E607497DA87", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:*", "matchCriteriaId": "3899E3E7-1284-4223-A258-DA691F5D62FE", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "ECD961EA-6881-4A14-83DE-C6972F6F681C", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "011CC4F5-6701-41E9-BC7D-CFE6EFF682AC", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:*", "matchCriteriaId": "13E145E2-CE11-4EE5-9085-B4960FE4F52F", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:*", "matchCriteriaId": "02600CDD-6862-4146-88E8-A2E73B7ED534", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "35F40D59-034B-44FB-8DCD-D469B50DE7E1", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "BC3F8572-578B-4D19-9453-1D03DA55EF70", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "9137C66C-4966-4C90-ABE9-7E22F7E29BA7", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "18CD523B-530E-4187-8BFF-729CDAC69282", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:*", "matchCriteriaId": "5A81C86D-F1FE-4166-8F37-D7170E6B30FE", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "A3D80783-523A-455E-B1AD-0961086F79E6", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "89BE2958-0BEE-4CFD-A0BA-494DE62E7F32", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "299284DA-85AB-4162-B858-E67E5C6C14F7", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:*", "matchCriteriaId": "D98F307E-3B01-4C17-86E5-1C6299919417", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:*", "matchCriteriaId": "7D7DA96D-9C25-4DDA-A6BF-D998AC346B89", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "D2B24866-2B3A-4A1A-8B75-EF7A7541797A", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:13.0:smr-nov-2023-r1:*:*:*:*:*:*", "matchCriteriaId": "3D30C02C-91FB-4D29-AF49-7903158E8FEB", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:*", "matchCriteriaId": "EBB29F18-A929-432B-B20C-365401E6CA12", "vulnerable": true}, {"criteria": "cpe:2.3:o:samsung:android:13.0:smr-oct-2023-r1:*:*:*:*:*:*", "matchCriteriaId": "2B6D9064-844B-4D3F-AAE4-D170DF45EF8D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:*", "matchCriteriaId": "9385885D-654A-496E-8029-7C6D9B077193", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault."}], "id": "CVE-2023-21459", "lastModified": "2024-11-21T07:42:54.820", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "LOW", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 3.7, "source": "mobile.security@samsung.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-03-16T21:15:12.347", "references": [{"source": "mobile.security@samsung.com", "tags": ["Vendor Advisory"], "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03"}], "sourceIdentifier": "mobile.security@samsung.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:* (string)

matchCriteriaId : 8D2D0083-0A85-47F7-A42D-2040A3BEC132 (string)

vulnerable : true (boolean)

}

1 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-apr-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : 0332BF16-0F1F-4733-ABCE-A1EA1366A5D9 (string)

vulnerable : true (boolean)

}

2 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:* (string)

matchCriteriaId : A3658A42-BCA9-4188-8B36-3C6599BBF83C (string)

vulnerable : true (boolean)

}

3 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-aug-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : D0E55E09-C2C9-43D1-8A1A-6D02F544E34A (string)

vulnerable : true (boolean)

}

4 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-dec-2020-r1:*:*:*:*:*:* (string)

matchCriteriaId : C26195A5-31BE-4116-8F31-9F25BE57AB52 (string)

vulnerable : true (boolean)

}

5 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-dec-2021-r1:*:*:*:*:*:* (string)

matchCriteriaId : 4C6114C5-C175-45E7-821E-6BA218F923DE (string)

vulnerable : true (boolean)

}

6 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-dec-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : 58BA232B-8D39-473A-91D0-D3AC03FDE8FB (string)

vulnerable : true (boolean)

}

7 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:* (string)

matchCriteriaId : 25B42CE0-67DE-4611-8D70-DEEC975E32BA (string)

vulnerable : true (boolean)

}

8 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-feb-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : AF2EADA0-5976-4711-A7A5-61594F3E2FEB (string)

vulnerable : true (boolean)

}

9 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-feb-2023-r1:*:*:*:*:*:* (string)

matchCriteriaId : 6B59145B-5506-477C-8F9C-ABB0CE2CF631 (string)

vulnerable : true (boolean)

}

10 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:* (string)

matchCriteriaId : AC082E25-1B7D-473D-A066-1463E6321CD5 (string)

vulnerable : true (boolean)

}

11 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-jan-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : 655BEA94-9A83-4A56-8DDE-79ADC821C707 (string)

vulnerable : true (boolean)

}

12 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-jan-2023-r1:*:*:*:*:*:* (string)

matchCriteriaId : B894D0C1-E66E-44B0-8FCA-2EE4290C4173 (string)

vulnerable : true (boolean)

}

13 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:* (string)

matchCriteriaId : 2B088DE9-31F1-4737-8BC8-CC406F208ACB (string)

vulnerable : true (boolean)

}

14 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-jul-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : 899F6BD2-47AF-4ADA-935D-90AB069E9BA4 (string)

vulnerable : true (boolean)

}

15 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:* (string)

matchCriteriaId : C2592B14-B3B7-4C85-88E8-5E12F6F50ED3 (string)

vulnerable : true (boolean)

}

16 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-jun-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : 40A783AA-91E7-426B-8A78-4EBE5D69A602 (string)

vulnerable : true (boolean)

}

17 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:* (string)

matchCriteriaId : BA51F5D5-D18D-426C-B09F-EE12CE11E9FB (string)

vulnerable : true (boolean)

}

18 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-mar-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : 53968A3C-6E71-42B8-8671-6730D8C85603 (string)

vulnerable : true (boolean)

}

19 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:* (string)

matchCriteriaId : 6C946853-D56D-457C-A1CB-AD1A5BD56C41 (string)

vulnerable : true (boolean)

}

20 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-may-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : B35EB1D3-2F29-4A5C-AC9A-6ED72A2E22D2 (string)

vulnerable : true (boolean)

}

21 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-nov-2021-r1:*:*:*:*:*:* (string)

matchCriteriaId : 9BD8E899-427B-47D2-9168-446B0249868F (string)

vulnerable : true (boolean)

}

22 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-nov-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : E923AF0F-34BA-40FE-AA20-B01366263B97 (string)

vulnerable : true (boolean)

}

23 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-oct-2021-r1:*:*:*:*:*:* (string)

matchCriteriaId : 78B14D1F-C536-4816-A076-B074E41EB0A9 (string)

vulnerable : true (boolean)

}

24 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-oct-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : AF2D00F4-B521-4D8F-84F8-DCE45B6349A1 (string)

vulnerable : true (boolean)

}

25 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:* (string)

matchCriteriaId : 548BCC15-C6D8-4AE7-B167-4DD74382097B (string)

vulnerable : true (boolean)

}

26 : { »

criteria : cpe:2.3:o:samsung:android:11.0:smr-sep-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : 9C2B6E53-CC07-4590-ADFA-CEF7DB0F4EB7 (string)

vulnerable : true (boolean)

}

27 : { »

criteria : cpe:2.3:o:samsung:android:12.0:smr-apr-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : EC4A2EBA-038B-44D5-84F3-FF326CD1C62D (string)

vulnerable : true (boolean)

}

28 : { »

criteria : cpe:2.3:o:samsung:android:12.0:smr-aug-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : 0ABFBBDB-E935-4C54-865A-0E607497DA87 (string)

vulnerable : true (boolean)

}

29 : { »

criteria : cpe:2.3:o:samsung:android:12.0:smr-dec-2021-r1:*:*:*:*:*:* (string)

matchCriteriaId : 3899E3E7-1284-4223-A258-DA691F5D62FE (string)

vulnerable : true (boolean)

}

30 : { »

criteria : cpe:2.3:o:samsung:android:12.0:smr-dec-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : ECD961EA-6881-4A14-83DE-C6972F6F681C (string)

vulnerable : true (boolean)

}

31 : { »

criteria : cpe:2.3:o:samsung:android:12.0:smr-feb-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : 011CC4F5-6701-41E9-BC7D-CFE6EFF682AC (string)

vulnerable : true (boolean)

}

32 : { »

criteria : cpe:2.3:o:samsung:android:12.0:smr-feb-2023-r1:*:*:*:*:*:* (string)

matchCriteriaId : 13E145E2-CE11-4EE5-9085-B4960FE4F52F (string)

vulnerable : true (boolean)

}

33 : { »

criteria : cpe:2.3:o:samsung:android:12.0:smr-jan-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : A3BBC8B6-1D2B-47C9-93EE-3D3DC43062F1 (string)

vulnerable : true (boolean)

}

34 : { »

criteria : cpe:2.3:o:samsung:android:12.0:smr-jan-2023-r1:*:*:*:*:*:* (string)

matchCriteriaId : 02600CDD-6862-4146-88E8-A2E73B7ED534 (string)

vulnerable : true (boolean)

}

35 : { »

criteria : cpe:2.3:o:samsung:android:12.0:smr-jul-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : 35F40D59-034B-44FB-8DCD-D469B50DE7E1 (string)

vulnerable : true (boolean)

}

36 : { »

criteria : cpe:2.3:o:samsung:android:12.0:smr-jun-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : BC3F8572-578B-4D19-9453-1D03DA55EF70 (string)

vulnerable : true (boolean)

}

37 : { »

criteria : cpe:2.3:o:samsung:android:12.0:smr-mar-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : 9137C66C-4966-4C90-ABE9-7E22F7E29BA7 (string)

vulnerable : true (boolean)

}

38 : { »

criteria : cpe:2.3:o:samsung:android:12.0:smr-may-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : 18CD523B-530E-4187-8BFF-729CDAC69282 (string)

vulnerable : true (boolean)

}

39 : { »

criteria : cpe:2.3:o:samsung:android:12.0:smr-nov-2021-r1:*:*:*:*:*:* (string)

matchCriteriaId : 5A81C86D-F1FE-4166-8F37-D7170E6B30FE (string)

vulnerable : true (boolean)

}

40 : { »

criteria : cpe:2.3:o:samsung:android:12.0:smr-nov-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : A3D80783-523A-455E-B1AD-0961086F79E6 (string)

vulnerable : true (boolean)

}

41 : { »

criteria : cpe:2.3:o:samsung:android:12.0:smr-oct-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : 89BE2958-0BEE-4CFD-A0BA-494DE62E7F32 (string)

vulnerable : true (boolean)

}

42 : { »

criteria : cpe:2.3:o:samsung:android:13.0:smr-dec-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : 299284DA-85AB-4162-B858-E67E5C6C14F7 (string)

vulnerable : true (boolean)

}

43 : { »

criteria : cpe:2.3:o:samsung:android:13.0:smr-feb-2023-r1:*:*:*:*:*:* (string)

matchCriteriaId : D98F307E-3B01-4C17-86E5-1C6299919417 (string)

vulnerable : true (boolean)

}

44 : { »

criteria : cpe:2.3:o:samsung:android:13.0:smr-jan-2023-r1:*:*:*:*:*:* (string)

matchCriteriaId : 7D7DA96D-9C25-4DDA-A6BF-D998AC346B89 (string)

vulnerable : true (boolean)

}

45 : { »

criteria : cpe:2.3:o:samsung:android:13.0:smr-nov-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : D2B24866-2B3A-4A1A-8B75-EF7A7541797A (string)

vulnerable : true (boolean)

}

46 : { »

criteria : cpe:2.3:o:samsung:android:13.0:smr-nov-2023-r1:*:*:*:*:*:* (string)

matchCriteriaId : 3D30C02C-91FB-4D29-AF49-7903158E8FEB (string)

vulnerable : true (boolean)

}

47 : { »

criteria : cpe:2.3:o:samsung:android:13.0:smr-oct-2022-r1:*:*:*:*:*:* (string)

matchCriteriaId : EBB29F18-A929-432B-B20C-365401E6CA12 (string)

vulnerable : true (boolean)

}

48 : { »

criteria : cpe:2.3:o:samsung:android:13.0:smr-oct-2023-r1:*:*:*:*:*:* (string)

matchCriteriaId : 2B6D9064-844B-4D3F-AAE4-D170DF45EF8D (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:samsung:exynos_2100:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 9385885D-654A-496E-8029-7C6D9B077193 (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : Use after free vulnerability in decon driver prior to SMR Mar-2023 Release 1 allows attackers to cause memory access fault. (string)

}

]

id : CVE-2023-21459 (string)

lastModified : 2024-11-21T07:42:54.820 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : HIGH (string)

attackVector : LOCAL (string)

availabilityImpact : LOW (string)

baseScore : 5 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : LOW (string)

integrityImpact : LOW (string)

privilegesRequired : HIGH (string)

scope : CHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L (string)

version : 3.1 (string)

}

exploitabilityScore : 0.8 (number)

impactScore : 3.7 (number)

source : mobile.security@samsung.com (string)

type : Secondary (string)

}

1 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : HIGH (string)

baseScore : 9.8 (number)

baseSeverity : CRITICAL (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2023-03-16T21:15:12.347 (string)

references : [ »

0 : { »

source : mobile.security@samsung.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=03 (string)

}

]

sourceIdentifier : mobile.security@samsung.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-416 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object