CVE-2021-25370
Samsung Mobile Devices Memory Corruption Vulnerability
CVSS
—
No CVSS
EPSS
0.9%
p55
KEV
YES
Nov 8, 2022
Exploit Today
67
0-100
Published: — · Last modified: —
Product
Samsung / Mobile Devices
Vulnerability
Samsung Mobile Devices Memory Corruption Vulnerability
Added to KEV
Nov 8, 2022
Remediate by
Nov 29, 2022
Known ransomware use
No
Summary description
Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leading to kernel panic. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25369.
Required action
Apply updates per vendor instructions.
Notes
https://security.samsungmobile.com/securityUpdate.smsb; https://nvd.nist.gov/vuln/detail/CVE-2021-25370