How severe is CVE-2024-25073?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2024-25073?

This is classified as CWE-476, which is a common weakness in software security.

CVE-2024-25073 - MEDIUM Severity | CVSS 5.9

Vulnerability Description

An issue was discovered in Samsung Semiconductor Mobile Processor and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300. The baseband software does not properly check a pointer specified by the CC (Call Control module), which can lead to Denial of Service (Untrusted Pointer Dereference).

Related Vulnerabilities

CVE-2015-5316

MEDIUM

CVSS:5.9(Medium)

The eap_pwd_perform_confirm_exchange function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6, when EAP-pwd is enabled in a network configuration profile, allows remote attackers to cause a den...

CWE-4762015

CVE-2015-7977

MEDIUM

CVSS:5.9(Medium)

ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.

CWE-4762015

CVE-2015-8762

MEDIUM

CVSS:5.9(Medium)

The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet.

CWE-4762015

CVE-2016-2365

MEDIUM

CVSS:5.9(Medium)

A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in a null pointer dereference. A malic...

CWE-4762016

CVE-2016-2369

MEDIUM

CVSS:5.9(Medium)

A NULL pointer dereference vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially result in a denial of service vulnerab...

CWE-4762016

CVE-2016-5354

MEDIUM

CVSS:5.9(Medium)

The USB subsystem in Wireshark 1.12.x before 1.12.12 and 2.x before 2.0.4 mishandles class types, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

CWE-4762016