Version O(8.x), P(9.0), Q(10.0), R(11.0)

CVE-2021-25394

A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is compromised.

MEDIUM CVSS 6.4 Published Jun 11, 2021

CVE-2021-25395

A race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows local attackers to bypass signature check given a radio privilege is compromised.

MEDIUM CVSS 6.4 Published Jun 11, 2021

CVE-2021-25382

An improper authorization of using debugging command in Secure Folder prior to SMR Oct-2020 Release 1 allows unauthorized access to contents in Secure Folder via debugging command.

MEDIUM CVSS 6.1 Published Apr 23, 2021

CVE-2021-25363

An improper access control in ActivityManagerService prior to SMR APR-2021 Release 1 allows untrusted applications to access running processesdelete some local files.

MEDIUM CVSS 6.8 Published Apr 09, 2021

CVE-2021-25357

A pendingIntent hijacking vulnerability in Create Movie prior to SMR APR-2021 Release 1 in Android O(8.x) and P(9.0), 3.4.81.1 in Android Q(10,0), and 3.6.80.7 in Android R(11.0) allows unprivileged applications to access contact information.

MEDIUM CVSS 5.6 Published Apr 09, 2021

CVE-2021-25356

An improper caller check vulnerability in Managed Provisioning prior to SMR APR-2021 Release 1 allows unprivileged application to install arbitrary application, grant device admin permission and then delete several installed application.

HIGH CVSS 7.1 Published Apr 09, 2021