CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25494
https://notcve.org/view.php?id=CVE-2021-25494
A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution. Una posible vulnerabilidad de desbordamiento de búfer en libSPenBase library de Samsung Notes versiones anteriores a Samsung Note 4.3.02.61, permite una ejecución de código arbitrario • https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=10 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25493
https://notcve.org/view.php?id=CVE-2021-25493
Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read Una falta de comprobación de límites de un búfer en libSPenBase library de Samsung Notes versiones anteriores a Samsung Note 4.3.02.61, permite una lectura OOB • https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=10 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-25492
https://notcve.org/view.php?id=CVE-2021-25492
Lack of boundary checking of a buffer in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows OOB read. Una falta de comprobación de límites de un búfer en libSPenBase library de Samsung Notes versiones anteriores a Samsung Note 4.3.02.61, permite una lectura OOB • https://security.samsungmobile.com/serviceWeb.smsb?year=2021&month=10 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 4.4EPSS: 0%CPEs: 4EXPL: 0CVE-2021-25491
https://notcve.org/view.php?id=CVE-2021-25491
A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference. Una vulnerabilidad en mfc driver versiones anteriores a SMR Oct-2021 Release 1, permite una corrupción de memoria por medio de una desreferencia de puntero NULL • https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10 • CWE-476: NULL Pointer Dereference •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-25489 – Samsung Mobile Devices Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2021-25489
Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic. Suponiendo que se obtenga el permiso de radio, una falta de comprobación de entrada en modem interface driver versiones anteriores a SMR Oct-2021 Release 1, resulta en un bug de cadena de formato que conlleva a un pánico del kernel Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that results in a format string bug leading to kernel panic. • https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10 • CWE-20: Improper Input Validation CWE-134: Use of Externally-Controlled Format String •