Exynos 1080 Firmware CVE-2025-58343
MEDIUMCVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
2DescriptionNVD
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/create_tspec write operation, leading to kernel memory exhaustion.
AnalysisAI
Exynos 980 Firmware versions up to - is affected by allocation of resources without limits or throttling (CVSS 5.5).
Technical ContextAI
This vulnerability (CWE-770: Allocation of Resources Without Limits or Throttling) affects Exynos 980 Firmware. was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/create_tspec write operation, leading to kernel memory exhaustion.
RemediationAI
Monitor vendor advisories for a patch.
More from same product – last 7 days
Out-of-bounds write in Samsung's Escargot JavaScript engine allows attacker-supplied scripts to corrupt memory through t
Kernel availability loss in Ubuntu Linux 6.8, 6.17, and 7.0 can be triggered by any unprivileged local user via a defect
Kernel panic via NULL pointer dereference in Ubuntu Linux 6.8's AppArmor notification handler allows a locally authentic
NULL pointer dereference in Ubuntu Linux kernel versions 6.8, 6.17, and 7.0 allows a local unprivileged user to crash th
NULL pointer dereference in Ubuntu Linux kernel SAUCE patches (versions 6.8, 6.17, and 7.0) allows an unprivileged local
Share
External POC / Exploit Code
Leaving vuln.today