CVE-2021-25416

CVE-2021-25416

Vendor Samsung Mobile
Product Samsung Mobile Devices
Weakness CWE-94 · Code injection
Published June 11, 2021
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area.

Key dates

02Disclosure timeline

June 11, 2021 CVE published
August 3, 2024 Record updated