Total
68 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25500 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-11-21 | 2.1 LOW | 7.2 HIGH |
| A missing input validation in HDCP LDFW prior to SMR Nov-2021 Release 1 allows attackers to overwrite TZASC allowing TEE compromise. | |||||
| CVE-2021-25475 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 7.2 HIGH | 3.9 LOW |
| A possible heap-based buffer overflow vulnerability in DSP kernel driver prior to SMR Oct-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25467 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 7.2 HIGH | 5.3 MEDIUM |
| Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library. | |||||
| CVE-2021-25457 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 2.1 LOW | 5.9 MEDIUM |
| An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows local attackers to get a limited kernel memory information. | |||||
| CVE-2021-25452 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| An improper input validation vulnerability in loading graph file in DSP driver prior to SMR Sep-2021 Release 1 allows attackers to perform permanent denial of service on the device. | |||||
| CVE-2021-25408 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| A possible buffer overflow vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write and code execution. | |||||
| CVE-2021-25407 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| A possible out of bounds write vulnerability in NPU driver prior to SMR JUN-2021 Release 1 allows arbitrary memory write. | |||||
| CVE-2021-25396 | 2 Google, Samsung | 5 Android, Exynos 2100, Exynos 980 and 2 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| An improper input validation vulnerability in NPU firmware prior to SMR MAY-2021 Release 1 allows arbitrary memory write and code execution. | |||||