CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-25489 – Samsung Mobile Devices Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2021-25489
Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic. Suponiendo que se obtenga el permiso de radio, una falta de comprobación de entrada en modem interface driver versiones anteriores a SMR Oct-2021 Release 1, resulta en un bug de cadena de formato que conlleva a un pánico del kernel Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that results in a format string bug leading to kernel panic. • https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10 • CWE-20: Improper Input Validation CWE-134: Use of Externally-Controlled Format String •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-25488
https://notcve.org/view.php?id=CVE-2021-25488
Lack of boundary checking of a buffer in recv_data() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read. Una falta de comprobación de límites de un búfer en la función recv_data() de modem interface driver versiones anteriores a SMR Oct-2021 Release 1, permite una lectura OOB • https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-25487 – Samsung Mobile Devices Out-of-Bounds Read Vulnerability
https://notcve.org/view.php?id=CVE-2021-25487
Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer. Una falta de comprobación de límites de un búfer en la función set_skb_priv() de modem interface driver versiones anteriores a SMR Oct-2021 Release 1, permite una lectura OOB y permite una ejecución de código arbitrario por desreferencia de un puntero de función no válido Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer. • https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 5EXPL: 0CVE-2021-25481
https://notcve.org/view.php?id=CVE-2021-25481
An improper error handling in Exynos CP booting driver prior to SMR Oct-2021 Release 1 allows local attackers to bypass a Secure Memory Protector of Exynos CP Memory. Un manejo inapropiado de errores en Exynos CP booting driver versiones anteriores a SMR Oct-2021 Release 1, permite a atacantes locales omitir un protector de memoria seguro de la memoria de Exynos CP • https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 7.2EPSS: 0%CPEs: 5EXPL: 0CVE-2021-25479
https://notcve.org/view.php?id=CVE-2021-25479
A possible heap-based buffer overflow vulnerability in Exynos CP Chipset prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. Una posible vulnerabilidad de desbordamiento del búfer en la región heap de la memoria en Exynos CP Chipset versiones anteriores a SMR Oct-2021 Release 1, permite una escritura de memoria arbitraria y una ejecución de código • https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •