CVE-2021-25394

CVSS 6.4 MEDIUMEPSS 0.4%● KEVCWE-416

In short

The MFC charger driver has a bug where it tries to use memory that has already been freed, caused by a timing issue. If an attacker gains radio-level access to the device, they could exploit this to write data anywhere in memory.

Technical detail

A use-after-free vulnerability in the MFC charger driver (pre-SMR MAY-2021 Release 1) arises from a race condition in memory management. Exploitation requires compromise of radio privileges and allows arbitrary memory writes; this could lead to privilege escalation or system compromise depending on the context of the write operation.

Summary generated and translated by AI from the official description.

A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is compromised.

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Samsung Mobile · Samsung Mobile Devices

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=5 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-25394