CVE-2019-19273

EUVD-2019-8899
On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations. The Samsung ID is SVE-2019-16265.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 2%
Affected Products (NVD)
VendorProductVersion
googleandroid
8.0
googleandroid
9.0
samsungexynos_8895
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://census-labs.com/news/2020/10/08/samsung-hypervisor-rkp-arbitrary-zero-write/
https://security.samsungmobile.com/securityUpdate.smsb
https://census-labs.com/news/2020/10/08/samsung-hypervisor-rkp-arbitrary-zero-write/
https://security.samsungmobile.com/securityUpdate.smsb