CVE-2021-25487
Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- January 19, 2021
- Published Date
- October 06, 2021
- Last Updated
- February 04, 2025
- Vendor
- Samsung Mobile
- Product
- Samsung Mobile Devices
- Description
- Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.
CVSS Scores
CVSS v3.1
7.3 - HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
SSVC Information
- Exploitation
- active
- Technical Impact
- total
Exploit Status
- Exploited in the Wild
- Yes (added 2023-06-29 00:00:00 UTC) Source
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2023-06-29 00:00:00 UTC |