PT-2021-16657 · Unknown · Vision Dsp Kernel Driver

Gyorgy Miru

Published

2021-10-06

Updated

2021-12-16

CVE-2021-25467

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Vision DSP kernel driver versions prior to SMR Oct-2021 Release 1

Description: The issue allows for privilege escalation to Root by hijacking loaded library, assuming system privilege is gained. This is due to possible buffer overflow vulnerabilities in the Vision DSP kernel driver.

Recommendations: For versions prior to SMR Oct-2021 Release 1, update to SMR Oct-2021 Release 1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Vision DSP kernel driver to minimize the risk of exploitation.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2021-25467

Affected Products

Vision Dsp Kernel Driver

PT-2021-16657 · Unknown · Vision Dsp Kernel Driver

CVE-2021-25467

Weakness Enumeration

Related Identifiers

Affected Products

References · 6