CVE-2025-58346

Name of the Vulnerable Software and Affected Versions Samsung Mobile Processor and Wearable Processor Exynos 980 Samsung Mobile Processor and Wearable Processor Exynos 850 Samsung Mobile Processor and Wearable Processor Exynos 1080 Samsung Mobile Processor and Wearable Processor Exynos 1280 Samsung Mobile Processor and Wearable Processor Exynos 1330 Samsung Mobile Processor and Wearable Processor Exynos 1380 Samsung Mobile Processor and Wearable Processor Exynos 1480 Samsung Mobile Processor and Wearable Processor Exynos 1580 Samsung Mobile Processor and Wearable Processor Exynos W920 Samsung Mobile Processor and Wearable Processor Exynos W930 Samsung Mobile Processor and Wearable Processor Exynos W1000

Description An issue exists due to unbounded memory allocation through a large buffer in a /proc/driver/unifi0/send addts write operation. This can lead to kernel memory exhaustion. The /proc/driver/unifi0/send addts is an API endpoint used for sending additional timestamp information. The vulnerability occurs when a large buffer is provided as input to this endpoint, causing the system to allocate an excessive amount of memory. The send addts function is responsible for handling the incoming data and allocating memory to store it.

Recommendations For Samsung Mobile Processor and Wearable Processor Exynos 980, avoid sending large buffers to the /proc/driver/unifi0/send addts endpoint. For Samsung Mobile Processor and Wearable Processor Exynos 850, avoid sending large buffers to the /proc/driver/unifi0/send addts endpoint. For Samsung Mobile Processor and Wearable Processor Exynos 1080, avoid sending large buffers to the /proc/driver/unifi0/send addts endpoint. For Samsung Mobile Processor and Wearable Processor Exynos 1280, avoid sending large buffers to the /proc/driver/unifi0/send addts endpoint. For Samsung Mobile Processor and Wearable Processor Exynos 1330, avoid sending large buffers to the /proc/driver/unifi0/send addts endpoint. For Samsung Mobile Processor and Wearable Processor Exynos 1380, avoid sending large buffers to the /proc/driver/unifi0/send addts endpoint. For Samsung Mobile Processor and Wearable Processor Exynos 1480, avoid sending large buffers to the /proc/driver/unifi0/send addts endpoint. For Samsung Mobile Processor and Wearable Processor Exynos 1580, avoid sending large buffers to the /proc/driver/unifi0/send addts endpoint. For Samsung Mobile Processor and Wearable Processor Exynos W920, avoid sending large buffers to the /proc/driver/unifi0/send addts endpoint. For Samsung Mobile Processor and Wearable Processor Exynos W930, avoid sending large buffers to the /proc/driver/unifi0/send addts endpoint. For Samsung Mobile Processor and Wearable Processor Exynos W1000, avoid sending large buffers to the /proc/driver/unifi0/send addts endpoint.