CVE-2021-25371

Summary

A vulnerability in DSP driver prior to SMR Mar-2021 Release 1 allows attackers load arbitrary ELF libraries inside DSP.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Mobile DevicesQ(10.0), R(11.0) devices with exynos980, exynos2100, exynos9830 < SMR Mar-2021 Release 1affected

Weaknesses

  • CWE-912: CWE-912: Hidden Functionality

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: active
    • Automatable: no
    • Technical Impact: total

Additional References

References