CVE-2023-40218

LOW

Samsung Exynos Mobile Processor 9820, 980, 2100, 2200, 1280, 1380 - Integer Overflow in NPU Kernel Driver

Title source: llm

Description

An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980, 2100, 2200, 1280, and 1380. An integer overflow can bypass detection of error cases via a crafted application.

References (1)

Core 1

Core References

Vendor Advisory

https://semiconductor.samsung.com/support/quality-support/product-security-updates/

Scores

CVSS v3 2.0

EPSS 0.0001

EPSS Percentile 1.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-190

Status published

Products (6)

samsung/exynos_1280_firmware

samsung/exynos_1380_firmware

samsung/exynos_2100_firmware

samsung/exynos_2200_firmware

samsung/exynos_980_firmware

samsung/exynos_9820_firmware

Published Sep 12, 2023

Tracked Since Feb 18, 2026