PT-2020-16058 · Samsung · Quram Image Codec Library
Published
2020-09-11
·
Updated
2020-09-21
·
CVE-2020-25278
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Samsung mobile devices with O(8.x) software
Samsung mobile devices with P(9.0) software
Samsung mobile devices with Q(10.0) software
Description
The issue allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding by the Quram image codec library.
Recommendations
For Samsung mobile devices with O(8.x) software, update the Quram image codec library to prevent memory overwrite and arbitrary code execution.
For Samsung mobile devices with P(9.0) software, update the Quram image codec library to prevent memory overwrite and arbitrary code execution.
For Samsung mobile devices with Q(10.0) software, update the Quram image codec library to prevent memory overwrite and arbitrary code execution.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Quram Image Codec Library