- EPSS 0.75%
- Veröffentlicht 06.10.2021 18:15:09
- Zuletzt bearbeitet 21.11.2024 05:55:05
A keyblob downgrade attack in keymaster prior to SMR Oct-2021 Release 1 allows attacker to trigger IV reuse vulnerability with privileged process.
CVE-2021-25491
- EPSS 0.1%
- Veröffentlicht 06.10.2021 18:15:09
- Zuletzt bearbeitet 21.11.2024 05:55:06
A vulnerability in mfc driver prior to SMR Oct-2021 Release 1 allows memory corruption via NULL-pointer dereference.
CVE-2021-25467
- EPSS 0.11%
- Veröffentlicht 06.10.2021 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:55:03
Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library.
CVE-2021-25468
- EPSS 0.11%
- Veröffentlicht 06.10.2021 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:55:03
A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address.
CVE-2021-25469
- EPSS 0.13%
- Veröffentlicht 06.10.2021 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:55:03
A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution.
CVE-2021-25470
- EPSS 0.12%
- Veröffentlicht 06.10.2021 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:55:03
An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE.
CVE-2021-25471
- EPSS 0.39%
- Veröffentlicht 06.10.2021 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:55:03
A lack of replay attack protection in Security Mode Command process prior to SMR Oct-2021 Release 1 can lead to denial of service on mobile network connection and battery depletion.
CVE-2021-25472
- EPSS 0.1%
- Veröffentlicht 06.10.2021 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:55:03
An improper access control vulnerability in BluetoothSettingsProvider prior to SMR Oct-2021 Release 1 allows untrusted application to overwrite some Bluetooth information.
CVE-2021-25473
- EPSS 0.1%
- Veröffentlicht 06.10.2021 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:55:03
Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_hide_by_meadia_full value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset...
CVE-2021-25474
- EPSS 0.1%
- Veröffentlicht 06.10.2021 18:15:08
- Zuletzt bearbeitet 21.11.2024 05:55:03
Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_show_on_qspanel value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset.