Race Condition in FabricKeymaster Trustlet Affects Samsung Devices
CVE-2026-21046
8.4HIGH
What is CVE-2026-21046?
A race condition vulnerability exists in the FabricKeymaster trustlet prior to the SMR Jul-2026 Release 1, allowing local privileged attackers to exploit the timing discrepancy between the check for conditions and their subsequent use. This flaw enables the execution of arbitrary code on affected Samsung devices, posing a significant risk to device integrity and user data security.
Affected Version(s)
Samsung Mobile Devices SMR Jul-2026 Release in Android 14, 15, 16