Lucene search

Samsung MobileCVELIST:CVE-2021-25475

HistoryOct 06, 2021 - 5:08 p.m.

CVE-2021-25475

2021-10-0617:08:30

CWE-122

Samsung Mobile

www.cve.org

3.9 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L

0.0004 Low

EPSS

Percentile

12.6%

JSON

A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution.

CNA Affected

[
  {
    "product": "Samsung Mobile Devices",
    "vendor": "Samsung Mobile",
    "versions": [
      {
        "lessThan": "SMR Oct-2021 Release 1",
        "status": "affected",
        "version": "Q(10.0), R(11.0) ",
        "versionType": "custom"
      }
    ]
  }
]

References

security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10

3.9 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L

0.0004 Low

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2021-25475