{"vulnerability": "CVE-2024-27377", "sightings": [{"uuid": "c75ea333-1356-45c5-8afc-e665638b3f85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-27377", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9503", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-27377\n\ud83d\udd25 CVSS Score: 6.7 (cvssV3_1, Vector: CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:H/S:U/UI:N)\n\ud83d\udd39 Description: An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_get_security_info_nl(), there is no input validation check on sec_info->key_info.body.pmk_info.pmk_len coming from userspace, which can lead to a heap overwrite.\n\ud83d\udccf Published: 2024-06-05T18:36:45.681Z\n\ud83d\udccf Modified: 2025-03-28T23:10:48.288Z\n\ud83d\udd17 References:\n1. https://semiconductor.samsung.com/support/quality-support/product-security-updates/", "creation_timestamp": "2025-03-28T23:29:27.000000Z"}]}