CVE-2021-25369

Name of the Vulnerable Software and Affected Versions Samsung Mobile Devices versions prior to SMR MAR-2021 Release 1

Description The issue is related to an improper access control vulnerability in the sec log file, which exposes sensitive kernel information to userspace. This vulnerability is associated with insufficient access control in the sec log file, located at /data/log/sec log.log, in Samsung mobile devices running Android. The exploitation of this vulnerability could allow an attacker to gain unauthorized access to protected information.

Recommendations For versions prior to SMR MAR-2021 Release 1, update to SMR MAR-2021 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the sec log file to minimize the risk of exploitation.