Samsung Mobile Devices Memory Corruption Vulnerability (CVE-2021-25370)
Samsung mobile devices using Mali GPU contain an incorrect implementation handling file descriptor in dpu driver. This incorrect implementation results in memory corruption, leading to kernel panic. This vulnerability was chained with CVE-2021-25337 and CVE-2021-25369.
An attacker, with administrative privileges, can achieve full data confidentiality loss, arbitrary modification of data, complete denial of service or system unavailability. Federal agencies are required to remediate by 2022-11-29 under CISA BOD 22-01.
This is a Use After Free (CWE-416) vulnerability in Samsung Mobile Devices. An incorrect implementation handling file descriptor in dpu driver prior to SMR Mar-2021 Release 1 results in memory corruption leading to kernel panic. Exploitation requires physical access, higher attack complexity, an administrative account, and no user interaction required.
Probably yes if any of these apply:
CISA added this CVE to the Known Exploited Vulnerabilities catalog on 2022-11-08 based on evidence of active exploitation in the wild. Federal agencies required to remediate by 2022-11-29.
Manual remediation steps
No tested PowerShell script for this entry yet. We’re prioritising automation based on user demand.