October 22, 2024 at 05:38PM
A critical zero-day vulnerability (CVE-2024-44068) in Samsung’s mobile processors allows arbitrary code execution. Discovered in the m2m scaler driver, it received an 8.1 CVSS score and was patched in October 2024. Reported by Google researchers, it includes privilege escalation and anti-forensic measures.
**Meeting Takeaways:**
1. **Discovery of Vulnerability**: A zero-day vulnerability identified as CVE-2024-44068 has been found in Samsung’s mobile processors.
2. **Severity and Impact**: The vulnerability has a critical CVSS score of 8.1 out of 10 and is exploited for arbitrary code execution.
3. **Patch Implementation**: Samsung addressed this vulnerability in their October security updates.
4. **Technical Details**: The issue is associated with the m2m scaler driver within Samsung’s Exynos processors (models 9820, 9825, 980, 990, 850, and W920). It involves a use-after-free bug leading to privilege escalation.
5. **Reporting and Acknowledgment**: Google researcher Xingyu Jin reported the flaw, with additional insights shared by Google TAG researcher Clement Lecigene, who confirmed that an active exploit is present in the wild.
6. **Exploit Chain Description**: The exploit can execute arbitrary code within a privileged camera server process. Additionally, the exploit modifies its process name for anti-forensic evasion.
7. **Recommendations**: Users and organizations using affected devices should ensure they have applied the latest security patches from Samsung to mitigate risks associated with this vulnerability.