Samsung · Samsung Mobile Devices · CVE-2021-25394
Name of the Vulnerable Software and Affected Versions:
Samsung Mobile Devices versions prior to SMR MAY-2021 Release 1
Description:
A use after free vulnerability via race condition in the MFC charger driver allows arbitrary write given that a radio privilege is compromised. This issue is related to a race condition, which is a type of synchronization issue where the behavior of a program depends on the relative timing of threads or processes.
Recommendations:
For versions prior to SMR MAY-2021 Release 1, update to SMR MAY-2021 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the MFC charger driver to minimize the risk of exploitation.