CVE-2021-39741

In Keymaster, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-173567719...

Out-of-bounds

In Keymaster, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-173567719...

CVE-2021-39741

In Keymaster, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-173567719...

CVE-2021-39741

CVE-2021-39741 affects the Android Keymaster component on Android 12L, with an out-of-bounds write caused by a missing bounds check. This leads to local elevation of privilege with System execution privileges required; no user interaction is needed. The issue is listed in Android 12L security rel...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google, Inc. An elevation of privilege vulnerability exists in Google Android, which stems from a lack of boundary checking in Keymaster that could result in out-of-bounds writes. An attacker could exploit this vulnerability to cau...

CVE-2021-25490

A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged process...

CVE-2021-25490

A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged process...

Code injection

A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged process...

CVE-2021-25490

CVE-2021-25490 documents a keyblob downgrade attack in Samsung’s Keymaster TA (TrustZone) that enables triggering IV reuse with a privileged process. The root cause is related to the legacy keyblob/blob implementation in Keymaster, allowing misuse of initialization vectors. Affected devices inclu...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices versions prior to SMR Oct-2021 Release 1, which stems from a keyblob degradation attack in keymaster...

PT-2021-16680 · Keymaster · Keymaster

Name of the Vulnerable Software and Affected Versions: keymaster versions prior to SMR Oct-2021 Release 1 Description: A keyblob downgrade attack in keymaster allows an attacker to trigger an IV reuse issue with a privileged process. Recommendations: For versions prior to SMR Oct-2021 Release 1,...

CVE-2021-25444

An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process...

CVE-2021-25444

An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process...

Design/Logic Flaw

An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process...

CVE-2021-25444

An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process...

CVE-2021-25444

CVE-2021-25444 is a vulnerability in Samsung’s Keymaster Trusted Application (TA) running in the ARM TrustZone Secure World. The issue is an IV reuse flaw in the Keymaster TA that decrypts custom key blobs, enabling a privileged process to access hardware-backed keys. Affected devices include Sam...

SAMSUNG Mobile devices 安全特征问题特征问题漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from South Korea's Samsung SAMSUNG. A security signature issue vulnerability exists in SAMSUNG Mobile devices SMR prior to AUG-2021 Release 1, which stems from an IV reuse vulnerability in keymaste...

PT-2021-6224 · Samsung · Android Keystore

Name of the Vulnerable Software and Affected Versions: Android Keystore versions prior to SMR AUG-2021 Release 1 Description: The issue is related to an IV reuse vulnerability in the keymaster, which allows decryption of custom keyblobs with privileged processes. This vulnerability is associated...

Race condition

In isdevicelocked and setdevicelocked of keystorekeymasterenforcement.h, there is a possible bypass of lockscreen requirements for keyguard bound keys due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not...

CVE-2019-10615

u'Possibility of integer overflow in keymaster 4 while allocating memory due to multiplication of large numcerts value and size of keymaster bob which can lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT...