Samsung Mobile Devices vulnerabilities

CVE-2021-25484 [LOW] CWE-287 CVE-2021-25484: Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the Improper authentication in InputManagerService prior to SMR Oct-2021 Release 1 allows monitoring the touch event.

CVE-2021-25472 [LOW] CWE-264 CVE-2021-25472: An improper access control vulnerability in BluetoothSettingsProvider prior to SMR Oct-2021 Release An improper access control vulnerability in BluetoothSettingsProvider prior to SMR Oct-2021 Release 1 allows untrusted application to overwrite some Bluetooth information.

CVE-2021-25449 [CRITICAL] CWE-122 CVE-2021-25449: An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021 Release An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021 Release 1 allows attackers to execute arbitrary code in mediaextractor process.

CVE-2021-25461 [HIGH] CWE-120 CVE-2021-25461: An improper length check in APAService prior to SMR Sep-2021 Release 1 results in stack based Buffer An improper length check in APAService prior to SMR Sep-2021 Release 1 results in stack based Buffer Overflow.

CVE-2021-25450 [MEDIUM] CWE-20 CVE-2021-25450: Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Sep-2021 Release 1 allows attac Path traversal vulnerability in FactoryAirCommnadManger prior to SMR Sep-2021 Release 1 allows attackers to write file as system uid via remote socket.

CVE-2021-25454 [MEDIUM] CWE-125 CVE-2021-25454: OOB read vulnerability in libsaacextractor.so library prior to SMR Sep-2021 Release 1 allows attacke OOB read vulnerability in libsaacextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute remote DoS via forged aac file.

CVE-2021-25456 [MEDIUM] CWE-125 CVE-2021-25456: OOB read vulnerability in libswmfextractor.so library prior to SMR Sep-2021 Release 1 allows attacke OOB read vulnerability in libswmfextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to execute memcpy at arbitrary address via forged wmf file.

CVE-2021-25460 [MEDIUM] CWE-285 CVE-2021-25460: An improper access control vulnerability in sspExit() in BlockchainTZService prior to SMR Sep-2021 R An improper access control vulnerability in sspExit() in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to terminate BlockchainTZService.

CVE-2021-25462 [MEDIUM] CWE-476 CVE-2021-25462: NULL pointer dereference vulnerability in NPU driver prior to SMR Sep-2021 Release 1 allows attacker NULL pointer dereference vulnerability in NPU driver prior to SMR Sep-2021 Release 1 allows attackers to cause memory corruption.

CVE-2021-25459 [MEDIUM] CWE-285 CVE-2021-25459: An improper access control vulnerability in sspInit() in BlockchainTZService prior to SMR Sep-2021 R An improper access control vulnerability in sspInit() in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to start BlockchainTZService.

CVE-2021-25452 [MEDIUM] CWE-22 CVE-2021-25452: An improper input validation vulnerability in loading graph file in DSP driver prior to SMR Sep-2021 An improper input validation vulnerability in loading graph file in DSP driver prior to SMR Sep-2021 Release 1 allows attackers to perform permanent denial of service on the device.

CVE-2021-25453 [MEDIUM] CWE-20 CVE-2021-25453: Some improper access control in Bluetooth APIs prior to SMR Sep-2021 Release 1 allows untrusted appl Some improper access control in Bluetooth APIs prior to SMR Sep-2021 Release 1 allows untrusted application to get Bluetooth information.

CVE-2021-25458 [MEDIUM] CWE-476 CVE-2021-25458: NULL pointer dereference vulnerability in ION driver prior to SMR Sep-2021 Release 1 allows attacker NULL pointer dereference vulnerability in ION driver prior to SMR Sep-2021 Release 1 allows attackers to cause memory corruption.

CVE-2021-25451 [LOW] CWE-287 CVE-2021-25451: A PendingIntent hijacking in NetworkPolicyManagerService prior to SMR Sep-2021 Release 1 allows atta A PendingIntent hijacking in NetworkPolicyManagerService prior to SMR Sep-2021 Release 1 allows attackers to get IMSI data.

CVE-2021-25455 [LOW] CWE-125 CVE-2021-25455: OOB read vulnerability in libsaviextractor.so library prior to SMR Sep-2021 Release 1 allows attacke OOB read vulnerability in libsaviextractor.so library prior to SMR Sep-2021 Release 1 allows attackers to access arbitrary address through pointer via forged avi file.

CVE-2021-25457 [LOW] CWE-20 CVE-2021-25457: An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows loca An improper input validation vulnerability in DSP driver prior to SMR Sep-2021 Release 1 allows local attackers to get a limited kernel memory information.

CVE-2021-25444 [MEDIUM] CWE-20 CVE-2021-25444: An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom k An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process.

CVE-2021-25443 [MEDIUM] CWE-825 CVE-2021-25443: A use after free vulnerability in conn_gadget driver prior to SMR AUG-2021 Release 1 allows maliciou A use after free vulnerability in conn_gadget driver prior to SMR AUG-2021 Release 1 allows malicious action by an attacker.

CVE-2021-25426 [HIGH] CWE-200 CVE-2021-25426: Improper component protection vulnerability in SmsViewerActivity of Samsung Message prior to SMR Jul Improper component protection vulnerability in SmsViewerActivity of Samsung Message prior to SMR July-2021 Release 1 allows untrusted applications to access Message files.

CVE-2021-25428 [HIGH] CWE-269 CVE-2021-25428: Improper validation check vulnerability in PackageManager prior to SMR July-2021 Release 1 allows un Improper validation check vulnerability in PackageManager prior to SMR July-2021 Release 1 allows untrusted applications to get dangerous level permission without user confirmation in limited circumstances.