cvelistv5 - cve-2021-25487

CVE-2021-25487 (GCVE-0-2021-25487)

Vulnerability from cvelistv5

Published

2021-10-06 17:10

Modified

2025-10-21 23:25

Severity ?

7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

CWE

CWE-125 - Out-of-bounds Read

Summary

References

URL

	Vendor	Product	Version
	Samsung Mobile	Samsung Mobile Devices	Version: O(8.1), P(9.0), Q(10.0), R(11.0) < SMR Oct-2021 Release 1

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

Date added: 2023-06-29

Due date: 2023-07-20

Required action: Apply updates per vendor instructions or discontinue use of the product if updates are unavailable

Used in ransomware: Unknown

Notes: https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10; https://nvd.nist.gov/vuln/detail/CVE-2021-25487

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:03:05.746Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-25487",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-04T21:23:33.780364Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2023-06-29",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25487"
              },
              "type": "kev"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-21T23:25:30.525Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25487"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2023-06-29T00:00:00+00:00",
            "value": "CVE-2021-25487 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Samsung Mobile Devices",
          "vendor": "Samsung Mobile",
          "versions": [
            {
              "lessThan": "SMR Oct-2021 Release 1",
              "status": "affected",
              "version": "O(8.1), P(9.0), Q(10.0), R(11.0)",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-10-06T17:10:26.000Z",
        "orgId": "3af57064-a867-422c-b2ad-40307b65c458",
        "shortName": "Samsung Mobile"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "mobile.security@samsung.com",
          "ID": "CVE-2021-25487",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Samsung Mobile Devices",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "O(8.1), P(9.0), Q(10.0), R(11.0)",
                            "version_value": "SMR Oct-2021 Release 1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Samsung Mobile"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer."
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-125: Out-of-bounds Read"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10",
              "refsource": "MISC",
              "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458",
    "assignerShortName": "Samsung Mobile",
    "cveId": "CVE-2021-25487",
    "datePublished": "2021-10-06T17:10:26.000Z",
    "dateReserved": "2021-01-19T00:00:00.000Z",
    "dateUpdated": "2025-10-21T23:25:30.525Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2021-25487",
      "cwes": "[\"CWE-125\"]",
      "dateAdded": "2023-06-29",
      "dueDate": "2023-07-20",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10; https://nvd.nist.gov/vuln/detail/CVE-2021-25487",
      "product": "Mobile Devices",
      "requiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable",
      "shortDescription": "Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer.",
      "vendorProject": "Samsung",
      "vulnerabilityName": "Samsung Mobile Devices Out-of-Bounds Read Vulnerability"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2021-25487\",\"sourceIdentifier\":\"mobile.security@samsung.com\",\"published\":\"2021-10-06T18:15:09.567\",\"lastModified\":\"2025-10-22T00:17:27.163\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.\"},{\"lang\":\"es\",\"value\":\"Una falta de comprobaci\u00f3n de l\u00edmites de un b\u00fafer en la funci\u00f3n set_skb_priv() de modem interface driver versiones anteriores a SMR Oct-2021 Release 1, permite una lectura OOB y permite una ejecuci\u00f3n de c\u00f3digo arbitrario por desreferencia de un puntero de funci\u00f3n no v\u00e1lido\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"mobile.security@samsung.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.0,\"impactScore\":4.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2023-06-29\",\"cisaActionDue\":\"2023-07-20\",\"cisaRequiredAction\":\"Apply updates per vendor instructions or discontinue use of the product if updates are unavailable\",\"cisaVulnerabilityName\":\"Samsung Mobile Devices Out-of-Bounds Read Vulnerability\",\"weaknesses\":[{\"source\":\"mobile.security@samsung.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:8.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E4F5C8C-AF0C-47F4-A3B0-A6D924FB72BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:9.0:smr-apr-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C690D390-5631-4294-AEB8-9A4C5564FA44\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:9.0:smr-aug-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"878D73CA-D317-4304-B7FB-00DE79DA7074\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:9.0:smr-feb-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B9A3B41-AAC9-4E23-A265-959A9852B94C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:9.0:smr-jan-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B93A5F5F-BF53-44D3-9583-811CC284DF86\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:9.0:smr-jul-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"30154AB6-C412-48D6-9123-42639B116093\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:9.0:smr-jun-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6538D01C-1645-4C4B-8559-EA20FFCD87F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:9.0:smr-mar-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"62A933C7-9739-43DD-851E-0C2009858B77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:9.0:smr-may-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5A0003A-1655-4945-988E-C79CC8A41B11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:9.0:smr-sep-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"620EF7BF-1A66-4E96-A05A-2296C9272A34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:10.0:smr-apr-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E21936D-9A60-4987-A6BF-C8F1885FB478\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:10.0:smr-aug-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2559EDCB-09F8-4AC0-AE53-9B0E934D2D74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:10.0:smr-feb-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"18C71F11-7599-4AE1-B455-C7A50D8D5F4D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:10.0:smr-jan-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"878AAF2D-E54A-4145-A618-81341ED4B0C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:10.0:smr-jul-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"84641402-4778-418B-90F3-2AFAF90B4798\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:10.0:smr-jun-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C72C3A92-43ED-40F4-B340-FE57FED9E762\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:10.0:smr-mar-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EBA9C21-8EDA-48B2-B63C-D50B2F83C31B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:10.0:smr-may-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CC8A026-B21C-47E0-B889-BD62F379737E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:10.0:smr-sep-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B1DCD3C-2418-4194-97FA-901550B2ED3D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D2D0083-0A85-47F7-A42D-2040A3BEC132\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3658A42-BCA9-4188-8B36-3C6599BBF83C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"25B42CE0-67DE-4611-8D70-DEEC975E32BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC082E25-1B7D-473D-A066-1463E6321CD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B088DE9-31F1-4737-8BC8-CC406F208ACB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2592B14-B3B7-4C85-88E8-5E12F6F50ED3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA51F5D5-D18D-426C-B09F-EE12CE11E9FB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"6C946853-D56D-457C-A1CB-AD1A5BD56C41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*\",\"matchCriteriaId\":\"548BCC15-C6D8-4AE7-B167-4DD74382097B\"}]}]}],\"references\":[{\"url\":\"https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10\",\"source\":\"mobile.security@samsung.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25487\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\"}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"product\": \"Samsung Mobile Devices\", \"vendor\": \"Samsung Mobile\", \"versions\": [{\"lessThan\": \"SMR Oct-2021 Release 1\", \"status\": \"affected\", \"version\": \"O(8.1), P(9.0), Q(10.0), R(11.0)\", \"versionType\": \"custom\"}]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.\"}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"LOCAL\", \"availabilityImpact\": \"NONE\", \"baseScore\": 7.3, \"baseSeverity\": \"HIGH\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"scope\": \"CHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N\", \"version\": \"3.1\"}}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-125\", \"description\": \"CWE-125: Out-of-bounds Read\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"dateUpdated\": \"2021-10-06T17:10:26.000Z\", \"orgId\": \"3af57064-a867-422c-b2ad-40307b65c458\", \"shortName\": \"Samsung Mobile\"}, \"references\": [{\"tags\": [\"x_refsource_MISC\"], \"url\": \"https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10\"}], \"source\": {\"discovery\": \"UNKNOWN\"}, \"x_legacyV4Record\": {\"CVE_data_meta\": {\"ASSIGNER\": \"mobile.security@samsung.com\", \"ID\": \"CVE-2021-25487\", \"STATE\": \"PUBLIC\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"product_name\": \"Samsung Mobile Devices\", \"version\": {\"version_data\": [{\"version_affected\": \"\u003c\", \"version_name\": \"O(8.1), P(9.0), Q(10.0), R(11.0)\", \"version_value\": \"SMR Oct-2021 Release 1\"}]}}]}, \"vendor_name\": \"Samsung Mobile\"}]}}, \"data_format\": \"MITRE\", \"data_type\": \"CVE\", \"data_version\": \"4.0\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.\"}]}, \"impact\": {\"cvss\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"LOCAL\", \"availabilityImpact\": \"NONE\", \"baseScore\": 7.3, \"baseSeverity\": \"HIGH\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"scope\": \"CHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N\", \"version\": \"3.1\"}}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-125: Out-of-bounds Read\"}]}]}, \"references\": {\"reference_data\": [{\"name\": \"https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10\", \"refsource\": \"MISC\", \"url\": \"https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10\"}]}, \"source\": {\"discovery\": \"UNKNOWN\"}}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T20:03:05.746Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10\"}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-25487\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-04T21:23:33.780364Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2023-06-29\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25487\"}}}], \"timeline\": [{\"time\": \"2023-06-29T00:00:00+00:00\", \"lang\": \"en\", \"value\": \"CVE-2021-25487 added to CISA KEV\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-04T21:23:45.613Z\"}}]}",
      "cveMetadata": "{\"assignerOrgId\": \"3af57064-a867-422c-b2ad-40307b65c458\", \"assignerShortName\": \"Samsung Mobile\", \"cveId\": \"CVE-2021-25487\", \"datePublished\": \"2021-10-06T17:10:26.000Z\", \"dateReserved\": \"2021-01-19T00:00:00.000Z\", \"dateUpdated\": \"2025-07-30T01:37:56.807Z\", \"state\": \"PUBLISHED\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

gsd-2021-25487

Vulnerability from gsd

Modified

2023-12-13 01:23

Details

Aliases

CVE-2021-25487

Aliases

CVE-2021-25487

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-25487",
    "description": "Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.",
    "id": "GSD-2021-25487"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-25487"
      ],
      "details": "Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.",
      "id": "GSD-2021-25487",
      "modified": "2023-12-13T01:23:21.071593Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "mobile.security@samsung.com",
        "ID": "CVE-2021-25487",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Samsung Mobile Devices",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "O(8.1), P(9.0), Q(10.0), R(11.0)",
                          "version_value": "SMR Oct-2021 Release 1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Samsung Mobile"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer."
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N",
          "version": "3.1"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "CWE-125: Out-of-bounds Read"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10",
            "refsource": "MISC",
            "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:h:samsung:exynos:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "mobile.security@samsung.com",
          "ID": "CVE-2021-25487"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-125"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2021-10-13T16:43Z",
      "publishedDate": "2021-10-06T18:15Z"
    }
  }
}

ghsa-4fpw-j345-q48r

Vulnerability from github

Published

2022-05-24 19:16

Modified

2025-10-22 00:32

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-25487"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-10-06T18:15:00Z",
    "severity": "HIGH"
  },
  "details": "Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer.",
  "id": "GHSA-4fpw-j345-q48r",
  "modified": "2025-10-22T00:32:25Z",
  "published": "2022-05-24T19:16:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25487"
    },
    {
      "type": "WEB",
      "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10"
    },
    {
      "type": "WEB",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25487"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

fkie_cve-2021-25487

Vulnerability from fkie_nvd

Published

2021-10-06 18:15

Modified

2025-10-22 00:17

Severity ?

7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
mobile.security@samsung.com	https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10	Vendor Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25487

Impacted products

Vendor	Product	Version
samsung	android	8.1
samsung	android	9.0
samsung	android	9.0
samsung	android	9.0
samsung	android	9.0
samsung	android	9.0
samsung	android	9.0
samsung	android	9.0
samsung	android	9.0
samsung	android	9.0
samsung	android	10.0
samsung	android	10.0
samsung	android	10.0
samsung	android	10.0
samsung	android	10.0
samsung	android	10.0
samsung	android	10.0
samsung	android	10.0
samsung	android	10.0
samsung	android	11.0
samsung	android	11.0
samsung	android	11.0
samsung	android	11.0
samsung	android	11.0
samsung	android	11.0
samsung	android	11.0
samsung	android	11.0
samsung	android	11.0

JSON

To clipboard

{
  "cisaActionDue": "2023-07-20",
  "cisaExploitAdd": "2023-06-29",
  "cisaRequiredAction": "Apply updates per vendor instructions or discontinue use of the product if updates are unavailable",
  "cisaVulnerabilityName": "Samsung Mobile Devices Out-of-Bounds Read Vulnerability",
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:samsung:android:8.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "3E4F5C8C-AF0C-47F4-A3B0-A6D924FB72BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:9.0:smr-apr-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "C690D390-5631-4294-AEB8-9A4C5564FA44",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:9.0:smr-aug-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "878D73CA-D317-4304-B7FB-00DE79DA7074",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:9.0:smr-feb-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "3B9A3B41-AAC9-4E23-A265-959A9852B94C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:9.0:smr-jan-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "B93A5F5F-BF53-44D3-9583-811CC284DF86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:9.0:smr-jul-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "30154AB6-C412-48D6-9123-42639B116093",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:9.0:smr-jun-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "6538D01C-1645-4C4B-8559-EA20FFCD87F2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:9.0:smr-mar-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "62A933C7-9739-43DD-851E-0C2009858B77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:9.0:smr-may-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "B5A0003A-1655-4945-988E-C79CC8A41B11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:9.0:smr-sep-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "620EF7BF-1A66-4E96-A05A-2296C9272A34",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:10.0:smr-apr-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "5E21936D-9A60-4987-A6BF-C8F1885FB478",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:10.0:smr-aug-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "2559EDCB-09F8-4AC0-AE53-9B0E934D2D74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:10.0:smr-feb-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "18C71F11-7599-4AE1-B455-C7A50D8D5F4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:10.0:smr-jan-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "878AAF2D-E54A-4145-A618-81341ED4B0C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:10.0:smr-jul-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "84641402-4778-418B-90F3-2AFAF90B4798",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:10.0:smr-jun-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "C72C3A92-43ED-40F4-B340-FE57FED9E762",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:10.0:smr-mar-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "7EBA9C21-8EDA-48B2-B63C-D50B2F83C31B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:10.0:smr-may-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "0CC8A026-B21C-47E0-B889-BD62F379737E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:10.0:smr-sep-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "5B1DCD3C-2418-4194-97FA-901550B2ED3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:11.0:smr-apr-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "8D2D0083-0A85-47F7-A42D-2040A3BEC132",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:11.0:smr-aug-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "A3658A42-BCA9-4188-8B36-3C6599BBF83C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:11.0:smr-feb-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "25B42CE0-67DE-4611-8D70-DEEC975E32BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jan-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "AC082E25-1B7D-473D-A066-1463E6321CD5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jul-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "2B088DE9-31F1-4737-8BC8-CC406F208ACB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:11.0:smr-jun-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "C2592B14-B3B7-4C85-88E8-5E12F6F50ED3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:11.0:smr-mar-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "BA51F5D5-D18D-426C-B09F-EE12CE11E9FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:11.0:smr-may-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "6C946853-D56D-457C-A1CB-AD1A5BD56C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:samsung:android:11.0:smr-sep-2021-r1:*:*:*:*:*:*",
              "matchCriteriaId": "548BCC15-C6D8-4AE7-B167-4DD74382097B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer."
    },
    {
      "lang": "es",
      "value": "Una falta de comprobaci\u00f3n de l\u00edmites de un b\u00fafer en la funci\u00f3n set_skb_priv() de modem interface driver versiones anteriores a SMR Oct-2021 Release 1, permite una lectura OOB y permite una ejecuci\u00f3n de c\u00f3digo arbitrario por desreferencia de un puntero de funci\u00f3n no v\u00e1lido"
    }
  ],
  "id": "CVE-2021-25487",
  "lastModified": "2025-10-22T00:17:27.163",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 4.7,
        "source": "mobile.security@samsung.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-10-06T18:15:09.567",
  "references": [
    {
      "source": "mobile.security@samsung.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021\u0026month=10"
    },
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25487"
    }
  ],
  "sourceIdentifier": "mobile.security@samsung.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "mobile.security@samsung.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer. The Samsung OOB driver is a driver that reads the modem interface for Samsung mobile devices.

The Samsung OOB read modem interface driver has an out-of-bounds read vulnerability. An attacker can exploit this vulnerability to execute arbitrary code

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202110-0167",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "mobile devices q",
        "scope": null,
        "trust": 1.2,
        "vendor": "samsung",
        "version": null
      },
      {
        "model": "mobile devices o",
        "scope": null,
        "trust": 1.2,
        "vendor": "samsung",
        "version": null
      },
      {
        "model": "mobile devices p",
        "scope": null,
        "trust": 1.2,
        "vendor": "samsung",
        "version": null
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "google",
        "version": "10.0"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "google",
        "version": "9.0"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "google",
        "version": "11.0"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "google",
        "version": "8.1"
      },
      {
        "model": "mobile devices r",
        "scope": null,
        "trust": 0.6,
        "vendor": "samsung",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-99916"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25487"
      }
    ]
  },
  "cve": "CVE-2021-25487",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CVE-2021-25487",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 1.1,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.6,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "CNVD-2023-99916",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.6,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "id": "CVE-2021-25487",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "mobile.security@samsung.com",
            "availabilityImpact": "NONE",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 2.0,
            "id": "CVE-2021-25487",
            "impactScore": 4.7,
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N",
            "version": "3.1"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2021-25487",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "mobile.security@samsung.com",
            "id": "CVE-2021-25487",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2023-99916",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202110-344",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2021-25487",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-99916"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25487"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-344"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25487"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25487"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer. The Samsung OOB driver is a driver that reads the modem interface for Samsung mobile devices. \n\r\n\r\nThe Samsung OOB read modem interface driver has an out-of-bounds read vulnerability. An attacker can exploit this vulnerability to execute arbitrary code",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-25487"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2023-99916"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25487"
      }
    ],
    "trust": 1.53
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2021-25487",
        "trust": 2.3
      },
      {
        "db": "CNVD",
        "id": "CNVD-2023-99916",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-344",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25487",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-99916"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25487"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-344"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25487"
      }
    ]
  },
  "id": "VAR-202110-0167",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-99916"
      }
    ],
    "trust": 1.6
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "IoT"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-99916"
      }
    ]
  },
  "last_update_date": "2024-08-14T15:06:43.492000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Patch for Samsung OOB driver out-of-bounds read vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchInfo/show/354576"
      },
      {
        "title": "Samsung SMR Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=165366"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-99916"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-344"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-125",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2021-25487"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "https://security.samsungmobile.com/securityupdate.smsb?year=2021\u0026month=10"
      },
      {
        "trust": 1.2,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2021-25487"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/125.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-99916"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25487"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-344"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25487"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-99916"
      },
      {
        "db": "VULMON",
        "id": "CVE-2021-25487"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-344"
      },
      {
        "db": "NVD",
        "id": "CVE-2021-25487"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-10-10T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2023-99916"
      },
      {
        "date": "2021-10-06T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-25487"
      },
      {
        "date": "2021-10-06T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202110-344"
      },
      {
        "date": "2021-10-06T18:15:09.567000",
        "db": "NVD",
        "id": "CVE-2021-25487"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-12-22T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2023-99916"
      },
      {
        "date": "2021-10-13T00:00:00",
        "db": "VULMON",
        "id": "CVE-2021-25487"
      },
      {
        "date": "2021-10-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202110-344"
      },
      {
        "date": "2021-10-13T16:43:22.203000",
        "db": "NVD",
        "id": "CVE-2021-25487"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-344"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Samsung OOB driver out-of-bounds read vulnerability",
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2023-99916"
      }
    ],
    "trust": 0.6
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202110-344"
      }
    ],
    "trust": 0.6
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2021-25487 (GCVE-0-2021-25487)

Vulnerability from cvelistv5

CISA Known Exploited Vulnerability

Data from the CISA Known Exploited Vulnerabilities Catalog

gsd-2021-25487

Vulnerability from gsd

ghsa-4fpw-j345-q48r

Vulnerability from github

fkie_cve-2021-25487

Vulnerability from fkie_nvd

var-202110-0167

Vulnerability from variot

Tags

Sightings

Nomenclature