Primary

Context

Samsung Exynos Processors NULL Pointer Dereference Vulnerability Leading to Denial-of-Service

Vulnerability

A NULL pointer dereference vulnerability has been identified in Samsung Mobile Processors Exynos 1280, 2200, 1380, 1480, 2400, 1580, and 2500. The issue arises in the NPU component within the '__pilot_parsing_ncp()' function, where a NULL pointer dereference of 'session->ncp_hdr_buf' leads to a denial-of-service condition.

Impact

Exploitation of this vulnerability causes a denial-of-service condition, disrupting normal operation and availability of the affected system or component.

Added: Mar 3, 2026, 5:20 PM

Updated: Mar 3, 2026, 10:36 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

3.3

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung Exynos Processors NULL Pointer Dereference Vulnerability Leading to Denial-of-Service

Vulnerability

Impact

Affected Products

Samsung Exynos 1280

Samsung Exynos 2200

Samsung Exynos 1380

Samsung Exynos 1480

Samsung Exynos 2400

Samsung Exynos 1580

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating