Samsung libsthmbc.so Out-of-Bounds Read Vulnerability Allowing Arbitrary Memory Read

Vulnerability

An out-of-bounds read vulnerability has been identified in the libsthmbc.so library in releases prior to SMR January 2025 Release 1. It arises from improper handling of malformed bitstreams for smp4vtd and can allow local attackers to read arbitrary memory. Exploitation requires user interaction.

Impact

Exploitation of this vulnerability allows local attackers to read arbitrary memory, which could be used to access sensitive information or manipulate program behavior.

Remediation

Users can apply the January 2025 Security Maintenance Release (SMR) to address this vulnerability. This update is available for major flagship models.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 3.0
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.