NVD disclosure day
CVE-2021-25372
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A memory access vulnerability exists in Samsung mobile devices due to an improper boundary check in the DSP driver. This could allow unauthorized access to memory, potentially affecting data confidentiality, integrity, and system availability. The business risk involves potential data compromise and system disruption i
CVE-2021-25371
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in the Digital Signal Processor (DSP) driver allows attackers to load arbitrary ELF libraries. This can affect system integrity and confidentiality, posing a moderate business risk. Prompt patching is recommended for affected Samsung Android devices and Exynos chipsets.
CVE-2021-25370
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in Samsung Android devices allows for memory corruption, potentially causing a system crash. This impacts device availability and data integrity. Exploitation requires local administrative privileges, presenting a moderate business risk.
CVE-2021-25369
Halo Surface Signal: 1 out of 5 — much less likely to be public-facing.
A vulnerability in Samsung Android devices allows local access to sensitive kernel information due to improper access controls in the `sec_log` file. This could lead to the exposure of critical system data, posing a risk to data confidentiality and system integrity. Mitigation involves applying vendor updates.
CVE-2021-22506
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
Certain versions of Micro Focus Access Manager have an information leakage vulnerability due to advance configuration. This matters because it could expose sensitive data. The realistic business risk involves potential unauthorized access to information, impacting data confidentiality.