COOEY // HUBcompliance · community · intelligence

FAIL › dossier

Mobile Devices product

13
failure events
0
zero-days
4
RCEs
13
on KEV
0
critical
65
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 13 events

DateEventSevFlagsShameSummary
2025-11-10 CVE-2025-21042 high ⚡RCE ⌖KEV 65 Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so. This vulnerability could allow remote attackers to execute arbitrary code.
2025-10-02 CVE-2025-21043 high ⚡RCE ⌖KEV 65 Samsung mobile devices contain an out-of-bounds write vulnerability in libimagecodec.quram.so which allows remote attackers to execute arbitrary code.
2023-09-18 CVE-2022-22265 high ⚡RCE ⌖KEV 65 Samsung devices with selected Exynos chipsets contain a use-after-free vulnerability that allows malicious memory write and code execution.
2023-06-29 CVE-2021-25487 high ⚡RCE ⌖KEV 65 Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer.
2023-06-29 CVE-2021-25372 high ⌖KEV 50 Samsung mobile devices contain an improper boundary check vulnerability within DSP driver that allows for out-of-bounds memory access.
2023-06-29 CVE-2021-25394 high ⌖KEV 50 Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromised.
2023-06-29 CVE-2021-25371 high ⌖KEV 50 Samsung mobile devices contain an unspecified vulnerability within DSP driver that allows attackers to load ELF libraries inside DSP.
2023-06-29 CVE-2021-25489 high ⌖KEV 50 Samsung mobile devices contain an improper input validation vulnerability within the modem interface driver that results in a format string bug leading to kernel panic.
2023-06-29 CVE-2021-25395 high ⌖KEV 50 Samsung mobile devices contain a race condition vulnerability within the MFC charger driver that leads to a use-after-free allowing for a write given a radio privilege is compromised.
2023-05-19 CVE-2023-21492 high ⌖KEV 50 Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulnerability that allows a privileged, local attacker to conduct an address space layout randomization (ASLR) bypass.
2022-11-08 CVE-2021-25370 high ⌖KEV 50 Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leading to kernel panic. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25369.
2022-11-08 CVE-2021-25369 high ⌖KEV 50 Samsung mobile devices using Mali GPU contains an improper access control vulnerability in sec_log file. Exploitation of the vulnerability exposes sensitive kernel information to the userspace. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25370.
2022-11-08 CVE-2021-25337 high ⌖KEV 50 Samsung mobile devices contain an improper access control vulnerability in clipboard service which allows untrusted applications to read or write arbitrary files. This vulnerability was chained with CVE-2021-25369 and CVE-2021-25370.