CVE-2021-25487
Samsung Mobile Devices Out-of-Bounds Read Vulnerability
CVSS
—
Sin CVSS
EPSS
0.6%
p45
KEV
SÍ
29 jun 2023
Exploit Today
63
0-100
Publicado: — · Última mod.: —
Producto
Samsung / Mobile Devices
Vulnerabilidad
Samsung Mobile Devices Out-of-Bounds Read Vulnerability
Añadido a KEV
29 jun 2023
Remediar antes de
20 jul 2023
Uso conocido en ransomware
No
Descripción resumida
Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer.
Acción requerida
Apply updates per vendor instructions or discontinue use of the product if updates are unavailable
Notas
https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10; https://nvd.nist.gov/vuln/detail/CVE-2021-25487