CVE-2025-58346

Medium CVSS: 5.5

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/send_addts write operation, leading to kernel memory exhaustion.

Vendor

Samsung

Product

Exynos 980 Firmware

CWE

CWE-770

Yayın Tarihi

2026-02-03 18:16:14

Güncelleme

2026-02-09 18:16:03

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-770 Exynos 980 Firmware MEDIUM Samsung 2026

Referanslar

https://semiconductor.samsung.com/support/quality-support/product-security-updates/ https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-58346/

Benzer Kayıtlar

High

CVE-2026-21000

Improper access control in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store…

Medium

CVE-2026-21001

Path traversal in Galaxy Store prior to version 4.6.03.8 allows local attacker to create file with Galaxy Store privileg…

Medium

CVE-2026-21002

Improper verification of cryptographic signature in Galaxy Store prior to version 4.6.03.8 allows local attacker to inst…

Medium

CVE-2026-21004

Improper authentication in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to trigger a denial of serv…

High

CVE-2026-21005

Path traversal in Smart Switch prior to version 3.7.69.15 allows adjacent attackers to overwrite arbitrary files with Sm…

Medium

CVE-2026-20992

Improper authorization in Settings prior to SMR Mar-2026 Release 1 allows local attacker to disable configuring the back…