CVE-2021-25487

Samsung mobile devices contain an out-of-bounds read vulnerability within the modem interface driver due to a lack of boundary checking of a buffer in set_skb_priv(), leading to remote code execution by dereference of an invalid function pointer. Vendor/Product: Samsung Mobile Devices. Added to CISA KEV 2023-06-29; required action: Apply updates per vendor instructions or discontinue use of the product if updates are unavailable