Improper Address Validation in RKP Allows Creation of Executable Kernel Page Outside Code Area

Improper Address Validation in RKP Allows Creation of Executable Kernel Page Outside Code Area

CVE-2021-25416 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

Assuming EL1 is compromised, an improper address validation in RKP prior to SMR JUN-2021 Release 1 allows local attackers to create executable kernel page outside code area.

Learn more about our Web Application Penetration Testing UK.