CVE-2021-25416 - OpenCVE

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

AV:L/AC:L/Au:N/C:N/I:P/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Google	Android
Samsung	Exynos 9610 Exynos 9810 Exynos 9820 Exynos 9830

Configuration 1 [-]

AND

OR	cpe:2.3:o:google:android:10.0:::::::*
	cpe:2.3:o:google:android:11.0:::::::*

OR	cpe:2.3:h:samsung:exynos_9610:-:::::::*
	cpe:2.3:h:samsung:exynos_9810:-:::::::*
	cpe:2.3:h:samsung:exynos_9820:-:::::::*
	cpe:2.3:h:samsung:exynos_9830:-:::::::*

No data.

References

Link	Providers
https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=6

History

No history.

MITRE

Status: PUBLISHED

Assigner: Samsung Mobile

Published: 2021-06-11T14:33:45

Updated: 2024-08-03T20:03:05.622Z

Reserved: 2021-01-19T00:00:00

Link: CVE-2021-25416

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2021-06-11T15:15:10.460

Modified: 2021-06-16T20:52:04.210

Link: CVE-2021-25416

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Samsung Mobile Devices", "vendor": "Samsung Mobile", "versions": [{"lessThan": "SMA JUN-2021 Release 1", "status": "affected", "version": "Q(10.0), R(11.0) devices with Exynos9610, 9810, 9820, 9830", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area."}], "metrics": [{"other": {"content": {"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N"}, "type": "unknown"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-94", "description": "CWE-94: Improper Control of Generation of Code (Code Injection)", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-06-11T14:33:45", "orgId": "3af57064-a867-422c-b2ad-40307b65c458", "shortName": "Samsung Mobile"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=6"}], "source": {"discovery": "UNKNOWN"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "mobile.security@samsung.com", "ID": "CVE-2021-25416", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Samsung Mobile Devices", "version": {"version_data": [{"version_affected": "<", "version_name": "Q(10.0), R(11.0) devices with Exynos9610, 9810, 9820, 9830", "version_value": "SMA JUN-2021 Release 1"}]}}]}, "vendor_name": "Samsung Mobile"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area."}]}, "impact": {"cvss": {"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-94: Improper Control of Generation of Code (Code Injection)"}]}]}, "references": {"reference_data": [{"name": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=6", "refsource": "MISC", "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=6"}]}, "source": {"discovery": "UNKNOWN"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T20:03:05.622Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=6"}]}]}, "cveMetadata": {"assignerOrgId": "3af57064-a867-422c-b2ad-40307b65c458", "assignerShortName": "Samsung Mobile", "cveId": "CVE-2021-25416", "datePublished": "2021-06-11T14:33:45", "dateReserved": "2021-01-19T00:00:00", "dateUpdated": "2024-08-03T20:03:05.622Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "D558D965-FA70-4822-A770-419E73BA9ED3", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:samsung:exynos_9610:-:*:*:*:*:*:*:*", "matchCriteriaId": "26056D36-E735-4D10-A337-C7DCEAC15245", "vulnerable": false}, {"criteria": "cpe:2.3:h:samsung:exynos_9810:-:*:*:*:*:*:*:*", "matchCriteriaId": "D3F23066-4258-4E9D-964F-C76386DF7DF1", "vulnerable": false}, {"criteria": "cpe:2.3:h:samsung:exynos_9820:-:*:*:*:*:*:*:*", "matchCriteriaId": "1B8C35DE-1C58-4C6E-BB15-0E3C2FECB8DA", "vulnerable": false}, {"criteria": "cpe:2.3:h:samsung:exynos_9830:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC599902-095F-411E-B112-1BA9A643C6C9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area."}, {"lang": "es", "value": "Asumiendo que EL1 est\u00e9 comprometido, una comprobaci\u00f3n de direcciones inapropiada en RKP anterior a la versi\u00f3n SMR JUN-2021 Release 1 permite a atacantes locales crear una p\u00e1gina del kernel ejecutable fuera del \u00e1rea de c\u00f3digo"}], "id": "CVE-2021-25416", "lastModified": "2021-06-16T20:52:04.210", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 4.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-06-11T15:15:10.460", "references": [{"source": "mobile.security@samsung.com", "tags": ["Vendor Advisory"], "url": "https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=6"}], "sourceIdentifier": "mobile.security@samsung.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-94"}], "source": "mobile.security@samsung.com", "type": "Secondary"}]}