CVE-2021-25407 – Samsung NPU npu_session_format Out-Of-Bounds Write
https://notcve.org/view.php?id=CVE-2021-25407
A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write. Una posible vulnerabilidad de escritura fuera de límites en NPU driver versiones anteriores a SMR JUN-2021 Release 1, permite una escritura arbitraria en la memoria Samsung NPU (Neural Processing Unit) suffers from an out-of-bounds write vulnerability in npu_session_format. • http://packetstormsecurity.com/files/163198/Samsung-NPU-npu_session_format-Out-Of-Bounds-Write.html https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=6 • CWE-787: Out-of-bounds Write •
CVE-2021-25372 – Samsung Mobile Devices Improper Boundary Check Vulnerability
https://notcve.org/view.php?id=CVE-2021-25372
An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access. Una comprobación inapropiada de límites en el controlador DSP versiones anteriores a SMR Mar-2021 Release 1, permite un acceso a la memoria fuera de límites. Samsung mobile devices contain an improper boundary check vulnerability within DSP driver that allows for out-of-bounds memory access. • https://security.samsungmobile.com https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •
CVE-2021-25371 – Samsung Mobile Devices Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2021-25371
A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP. Una vulnerabilidad en el controlador DSP versiones anteriores a SMR Mar-2021 Release 1, permite a atacantes cargar bibliotecas ELF arbitrarias dentro de DSP. Samsung mobile devices contain an unspecified vulnerability within DSP driver that allows attackers to load ELF libraries inside DSP. • https://security.samsungmobile.com https://security.samsungmobile.com/securityUpdate.smsb • CWE-912: Hidden Functionality •
CVE-2021-25345
https://notcve.org/view.php?id=CVE-2021-25345
Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format. La falta de coincidencia del formato gráfico al convertir el formato de video en hwcomposer anterior a SMR Mar-2021 Release 1, resulta en un pánico del kernel debido a un formato no compatible • https://security.samsungmobile.com https://security.samsungmobile.com/securityUpdate.smsb •
CVE-2021-25339
https://notcve.org/view.php?id=CVE-2021-25339
Improper address validation in HArx in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to corrupt EL2 memory. Una comprobación de direcciones inapropiada en HArx en los dispositivos móviles Samsung anteriores a SMR Mar-2021 Release 1, permite que un atacante, dado un kernel comprometido, corrompa la memoria EL2 • https://security.samsungmobile.com https://security.samsungmobile.com/securityUpdate.smsb • CWE-20: Improper Input Validation •