Improper Address Validation in RKP Allows Local Attackers to Remap EL2 Memory as Writable

Improper Address Validation in RKP Allows Local Attackers to Remap EL2 Memory as Writable

CVE-2021-25415 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to remap EL2 memory as writable.

Learn more about our Web Application Penetration Testing UK.