CPRID-2171

Samsung Android devices (Secure Storage Trustlet) • O(8.x), P(9.0) devices with Qualcomm (SDM660, MSM8998, SDM845, SM8150) chipsets • Integer Underflow
Reported on 04-Feb-19 by Slava Makkaveev
CPR-ID: 2171
Upload Date: 18-Apr-21

Information

An invalid input check vulnerability exists in Secure Storage (sec_store) trustlet allowing a potential integer underflow.

Samsung Vulnerability ID: SVE-2019-13952.

References:
https://research.checkpoint.com/the-road-to-qualcomm-trustzone-apps-fuzzing/
https://security.samsungmobile.com/securityUpdate.smsb (SMR-MAY-2019, SMR-JUN-2019, SMR-JUL-2019)

Share this: