CVE-2025-54957

Dolby UDC and Affected Versions Dolby UDC versions 4.5 through 4.13

Description An issue exists in the Dolby UDC DD+ decoder where processing a malformed DD+ bitstream can lead to a crash. Specifically, an integer overflow during length calculation when processing Evolution data within the

evo priv.c

component can result in an out-of-bounds write. This allows attackers to potentially overwrite data structures, including pointers, leading to remote code execution. The vulnerability is particularly critical on Android devices, where it can be exploited without user interaction through crafted audio messages. The issue affects the system by allowing remote attackers to execute arbitrary code. It is estimated that a significant number of devices worldwide could be affected. Researchers demonstrated the ability to achieve zero-click code execution on devices like the Pixel 9 and Samsung S24. The vulnerability is triggered by processing malicious audio files, causing memory corruption and crashes. The decoder writes data into a buffer, and the integer overflow leads to an undersized buffer and ineffective bounds checking.

Recommendations Update Dolby UDC to a newer version that contains a fix for this vulnerability.