COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2021-25370

CVE-2021-25370

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2022-11-08
Reference
https://nvd.nist.gov/vuln/detail/CVE-2021-25370
⌖ exploited in the wild shame 50/100 exploited-in-wild

Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leading to kernel panic. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25369.

Players implicated

Samsung · vendorMobile Devices · product

Description

Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leading to kernel panic. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25369.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.