CVE-2019-19273

On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations. The Samsung ID is SVE-2019-16265.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 1%
VendorProductVersion
googleandroid
8.0
googleandroid
9.0
samsungexynos_8895
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://census-labs.com/news/2020/10/08/samsung-hypervisor-rkp-arbitrary-zero-write/
https://security.samsungmobile.com/securityUpdate.smsb
https://census-labs.com/news/2020/10/08/samsung-hypervisor-rkp-arbitrary-zero-write/
https://security.samsungmobile.com/securityUpdate.smsb