CVE-2021-25488
https://notcve.org/view.php?id=CVE-2021-25488
Lack of boundary checking of a buffer in recv_data() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read. Una falta de comprobación de límites de un búfer en la función recv_data() de modem interface driver versiones anteriores a SMR Oct-2021 Release 1, permite una lectura OOB • https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10 • CWE-125: Out-of-bounds Read •
CVE-2021-25487 – Samsung Mobile Devices Out-of-Bounds Read Vulnerability
https://notcve.org/view.php?id=CVE-2021-25487
Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer. Una falta de comprobación de límites de un búfer en la función set_skb_priv() de modem interface driver versiones anteriores a SMR Oct-2021 Release 1, permite una lectura OOB y permite una ejecución de código arbitrario por desreferencia de un puntero de función no válido Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer. • https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10 • CWE-125: Out-of-bounds Read •
CVE-2021-25486
https://notcve.org/view.php?id=CVE-2021-25486
Exposure of information vulnerability in ipcdump prior to SMR Oct-2021 Release 1 allows an attacker detect device information via analyzing packet in log. Una vulnerabilidad de exposición de información en ipcdump versiones anteriores a SMR Oct-2021 Release 1, permite a un atacante detectar información del dispositivo por medio del análisis de paquetes en el registro • https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2021-25484
https://notcve.org/view.php?id=CVE-2021-25484
Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event. Una autenticación inapropiada en InputManagerService versiones anteriores a SMR Oct-2021 Release 1, permite una monitorización del evento táctil • https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10 • CWE-287: Improper Authentication •
CVE-2021-25483
https://notcve.org/view.php?id=CVE-2021-25483
Lack of boundary checking of a buffer in livfivextractor library prior to SMR Oct-2021 Release 1 allows OOB read. Una falta de comprobación de límites de un búfer en livfivextractor library versiones anteriores a SMR Oct-2021 Release 1, permite una lectura OOB • https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10 • CWE-125: Out-of-bounds Read •