CVE-2025-20890

Name of the Vulnerable Software and Affected Versions libsthmbc.so versions prior to SMR Jan-2025 Release 1

Description The issue is related to an out-of-bounds write in the decoding frame buffer in libsthmbc.so. This allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.

Recommendations For versions prior to SMR Jan-2025 Release 1, as a temporary workaround, consider restricting access to the vulnerable libsthmbc.so library until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.