CVE-2017-18647

HIGH

Samsung M(6,x) & N(7.0) - Buffer Overflow

Title source: llm
STIX 2.1

Description

An issue was discovered on Samsung mobile devices with M(6,x) and N(7.0) software. The TA Scrypto v1.0 implementation in Secure Driver has a race condition with a resultant buffer overflow. The Samsung IDs are SVE-2017-8973, SVE-2017-8974, and SVE-2017-8975 (November 2017).

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
https://security.samsungmobile.com/securityUpdate.smsb

Scores

CVSS v3 8.1
EPSS 0.0031
EPSS Percentile 22.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-362
Status published
Products (3)
google/android 6.0
google/android 6.0.1
google/android 7.0
Published Apr 07, 2020
Tracked Since Feb 18, 2026