CVE-2021-25487β€”Samsung Mobile Devices Out-of-Bounds Read Vulnerability

PUBLISHEDvulnerability record
2023-06-29 Β· last modified June 21, 2025

Metadata

CVE ID:
CVE-2021-25487
Project:
Samsung
Product:
Mobile Devices
Date Added:
2023-06-29
Due Date:
2023-07-20
Last Updated:
June 21, 2025

Vulnerability Name

Samsung Mobile Devices Out-of-Bounds Read Vulnerability

Description

Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

Apply updates per vendor instructions or discontinue use of the product if updates are unavailable

Additional Notes

Related Weaknesses