CVE-2021-25415

CVE-2021-25415

Vendor Samsung Mobile
Product Samsung Mobile Devices
Weakness CWE-94 · Code injection
Published June 11, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable.

Key dates

02Disclosure timeline

June 11, 2021 CVE published
August 3, 2024 Record updated