Samsung libsthmbc.so Out-of-Bounds Read Vulnerability Allowing Arbitrary Memory Read

Vulnerability

An out-of-bounds read vulnerability has been identified in the libsthmbc.so library prior to SMR January 2025 Release 1. It arises from improper handling of malformed video thumbnail bitstreams and allows local attackers to read arbitrary memory. Exploitation requires user interaction.

Impact

Exploitation of this vulnerability allows local attackers to read arbitrary memory, potentially leading to information disclosure or further exploitation.

Remediation

Users can apply the January 2025 Security Maintenance Release, which includes the necessary patch for this vulnerability.

Added: Sep 1, 2025, 7:22 PM
Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 0.6
exploitability: 3.0
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.