CVE-2021-25488

The CVE-2021-25488 issue affects Samsung devices via the modem interface driver’s recv_data() function. The root cause is a missing boundary check in the buffer handling, before the SMR Oct-2021 Release 1 patch, which permits an out-of-bounds (OOB) read. The vulnerability is documented across mul...

CVE-2021-25488

Lack of boundary checking of a buffer in recvdata of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read...

CVE-2021-25487

CVE-2021-25487 : Samsung Mobile Devices exhibit an out-of-bounds/read boundary issue in the modem interface driver’s set_skb_priv() prior to SMR Oct-2021 Release 1. This OOB read can lead to arbitrary code execution by dereferencing an invalid function pointer. Connected sources consistently desc...

CVE-2021-25487

Lack of boundary checking of a buffer in setskbpriv of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer...

CVE-2021-25480

CVE-2021-25480 describes a vulnerability in the GUTI REALLOCATION COMMAND handling within Qualcomm modems, where a lack of replay attack protection before Samsung’s SMR Oct-2021 Release 1 could enable remote denial of service on the mobile network connection. The issue is tied to Qualcomm modem p...

CVE-2021-25477

An improper error handling in Mediatek RRC Protocol stack prior to SMR Oct-2021 Release 1 allows modem crash and remote denial of service...

CVE-2021-25477

CVE-2021-25477 affects Mediatek RRC Protocol stack; improper error handling could cause a modem crash and remote DoS. Root cause described as error handling weakness in the Mediatek RRC stack prior to SMR Oct-2021 Release 1. Documented impact is network-exposed denial of service with potential av...

Samsung SMR 格式化字符串错误漏洞

SAMSUNG SMR is a system patch package from the South Korean company Samsung SAMSUNG. It provides patches for Samsung cell phone applications. A Format String Error vulnerability exists in versions prior to Samsung SMR Oct-2021 Release 1. The vulnerability stems from a lack of input validation in...

Samsung SMR 缓冲区错误漏洞

Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung cell phone applications. A security vulnerability exists in versions prior to Samsung SMR Oct-2021 Release 1, which stems from a missing buffer boundary check in recvdata of the modem interface driver,...

PT-2021-16679 · Samsung · Samsung Mobile Devices

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Devices versions prior to SMR Oct-2021 Release 1 Description: The issue is related to improper input validation in the modem interface driver. Assuming radio permission is gained, missing input validation results in a format...

PT-2021-16677 · Samsung · Samsung Mobile Devices

Name of the Vulnerable Software and Affected Versions: Samsung Mobile Devices versions prior to SMR Oct-2021 Release 1 Description: The issue is related to a lack of boundary checking of a buffer in the set skb priv function of the modem interface driver. This allows an out-of-bounds read, which...

Samsung SMR 缓冲区错误漏洞

Samsung SMR is a system patch package from Samsung South Korea. It provides patches for Samsung cell phone applications. A security vulnerability exists in versions prior to Samsung SMR Oct-2021 Release 1, which stems from a lack of buffer boundary checking in setskbpriv of the modem interface...

CVE-2021-25487

Lack of boundary checking of a buffer in setskbpriv of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...

多款Qualcomm产品授权问题漏洞

Qualcomm QCA6574AU and others are products of Qualcomm Incorporated Qualcomm.QCA6574AU is a central processing unit CPU product.APQ8053 is a central processing unit CPU product.SDX55 is a modem. Multiple Qualcomm Products WIGIGI Host An authorization issue vulnerability exists that stems from...

多款Qualcomm产品缓冲区错误漏洞

Qualcomm MDM9650 and others are products of Qualcomm Incorporated Qualcomm, U.S.A. The MDM9650 is a central processing unit CPU product.The MSM8996AU is a central processing unit CPU product.The QCA6574AU is a central processing unit CPU product.The QCA6574AU is a central processing unit CPU...

CVE-2021-37273

A Denial of Service issue exists in China Telecom Corporation EPON Tianyi Gateway ZXHN F450EPON ONU 3.0. Tianyi Gateway is a hardware terminal of "Optical Modem Smart Router." Attackers can use this vulnerability to restart the device multiple times...

CVE-2021-37273

A Denial of Service issue exists in China Telecom Corporation EPON Tianyi Gateway ZXHN F450EPON ONU 3.0. Tianyi Gateway is a hardware terminal of "Optical Modem Smart Router." Attackers can use this vulnerability to restart the device multiple times...

CVE-2021-37273

A Denial of Service issue exists in China Telecom Corporation EPON Tianyi Gateway ZXHN F450EPON ONU 3.0. Tianyi Gateway is a hardware terminal of "Optical Modem Smart Router." Attackers can use this vulnerability to restart the device multiple times...

CVE-2021-32487

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500736; Issue ID: ALPS04938456...

CVE-2021-32487

In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500736; Issue ID: ALPS04938456...