28 matches found
EUVD-2021-12266
Malware in sbrugna...
CVE-2021-25369
An improper access control vulnerability in seclog file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace...
CVE-2021-25372
An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access...
CVE-2021-25370
An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic...
CVE-2021-25371
A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP...
Memory corruption
An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic...
Design/Logic Flaw
An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access...
Improper access control
An improper access control vulnerability in seclog file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace...
CVE-2021-25372
CVE-2021-25372 describes an improper boundary check in the Samsung mobile DSP driver, causing out-of-bounds memory access. Affected: Samsung mobile devices with the DSP driver (prior to SMR Mar-2021 Release 1). Root cause: boundary check weakness leading to out-of-bounds reads/writes. Impact per ...
CVE-2021-25371
A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP...
CVE-2021-25370
CVE-2021-25370 is a Samsung-internal chain of three vulnerabilities fixed in SMR Mar-2021 Release 1. The final issue is a use-after-free in the Display Processing Unit (DPU) driver that allows memory corruption leading to kernel panic when a file descriptor is mishandled in the DPU path. The thre...
CVE-2021-25369
An improper access control vulnerability in seclog file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace...
CVE-2021-25370
An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2021-25369
An improper access control vulnerability in seclog file prior to SMR MAR-2021 Release 1 exposes sensitive kernel information to userspace. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2021-25371
A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2021-25372
An improper boundary check in DSP driver prior to SMR Mar-2021 Release 1 allows out of bounds memory access. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2021-25344
Missing permission check in knoxcustom service prior to SMR Mar-2021 Release 1 allows attackers to gain access to device's serial number without permission...
Format string
Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format...
CVE-2021-25336
Improper access control in NotificationManagerService in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to acquire notification access via sending a crafted malicious intent...
CVE-2021-25338
Improper memory access control in RKP in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows an attacker, given a compromised kernel, to write certain part of RKP EL2 memory region...