CVE-2018-21051
First published: Wed Apr 08 2020(Updated: )
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Exynos chipsets) software. There is an invalid free in the fingerprint Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12853 (October 2018).
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | =7.0 | |
| Android | =7.1.0 | |
| Android | =7.1.1 | |
| Android | =7.1.2 | |
| Android | =8.0 | |
| Android | =8.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2018-21051?
CVE-2018-21051 has been classified with a high severity due to the potential for arbitrary code execution.
How do I fix CVE-2018-21051?
To fix CVE-2018-21051, users should update their Samsung mobile devices to the latest available software version.
Which devices are affected by CVE-2018-21051?
CVE-2018-21051 affects Samsung mobile devices running Android versions 7.x and 8.x with Exynos chipsets.
What exploit can occur due to CVE-2018-21051?
CVE-2018-21051 allows for arbitrary code execution through an invalid free in the fingerprint Trustlet.
When was CVE-2018-21051 disclosed?
CVE-2018-21051 was disclosed in October 2018 as part of Samsung's security updates.
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/google
- canonical/android
- version/android/7.0
- version/android/7.1.0
- version/android/7.1.1
- version/android/7.1.2
- version/android/8.0
- version/android/8.1