CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-25370

An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.4%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.9

Proposed Action

Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leading to kernel panic. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25369.

Ransomware Campaign

Unknown

References

Products affected by CVE-2021-25370

Samsung » Android » Version: 10.0

cpe:2.3:o:samsung:android:10.0
Samsung » Android » Version: 11.0

cpe:2.3:o:samsung:android:11.0
Samsung » Android » Version: 8.0

cpe:2.3:o:samsung:android:8.0
Samsung » Android » Version: 8.1

cpe:2.3:o:samsung:android:8.1
Samsung » Android » Version: 9.0

cpe:2.3:o:samsung:android:9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-25370

Products

Pricing

Contact Us