CVE-2022-22265

An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code...

Basic Information

CVE State: PUBLISHED
Reserved Date: December 29, 2021
Published Date: January 07, 2022
Last Updated: February 04, 2025
Vendor: Samsung Mobile
Product: Samsung Mobile Devices
Description: An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution.
Tags

CVSS Scores

CVSS v3.1

5.0 - MEDIUM

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L

SSVC Information

Exploitation: active
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (2023-09-18 00:00:00 UTC) Source

References

https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=1

Known Exploited Vulnerability Information

Source	Added Date
CISA	2023-09-18 00:00:00 UTC

Timeline

CVE ID Reserved

December 29, 2021
CVE Published to Public

January 07, 2022
Added to KEVIntel

September 18, 2023