Improper Address Validation in RKP Allows Creation of Executable Kernel Page Outside Code Area
CVE-2021-25416 · MEDIUM Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area.
Learn more about our Web Application Penetration Testing UK.