CVE-2021-25487

Known Exploited (CISA KEV)HIGH

7.3

CVSS Severity Score

EPSS Score49.1600%

EPSS Percentile97.27th

Published2021年10月6日

Last Modified2025年10月30日

Vulnerability Description

Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.

Affected Platforms (CPE)

💻

Samsung

Android

= 8.1

💻

Samsung

Android

= 9.0

💻

Samsung

Android

= 9.0

💻

Samsung

Android

= 9.0

💻

Samsung

Android

= 9.0

💻

Samsung

Android

= 9.0

💻

Samsung

Android

= 9.0

💻

Samsung

Android

= 9.0

💻

Samsung

Android

= 9.0

💻

Samsung

Android

= 9.0

💻

Samsung

Android

= 10.0

💻

Samsung

Android

= 10.0

💻

Samsung

Android

= 10.0

💻

Samsung

Android

= 10.0

💻

Samsung

Android

= 10.0

💻

Samsung

Android

= 10.0

💻

Samsung

Android

= 10.0

💻

Samsung

Android

= 10.0

💻

Samsung

Android

= 10.0

💻

Samsung

Android

= 11.0

💻

Samsung

Android

= 11.0

💻

Samsung

Android

= 11.0

💻

Samsung

Android

= 11.0

💻

Samsung

Android

= 11.0

💻

Samsung

Android

= 11.0

💻

Samsung

Android

= 11.0

💻

Samsung

Android

= 11.0

💻

Samsung

Android

= 11.0

References & Advisories

🔗 https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10

🔗 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25487

Vulnerability Description

Affected Platforms (CPE)

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

Android

References & Advisories

相關漏洞威脅