Samsung Mobile Keymaster Trustlet Out-of-Bounds Write Vulnerability
Vulnerability
A high-severity out-of-bounds write vulnerability has been identified in the Keymaster trustlet of Samsung Mobile devices, affecting several versions of Android. It allows local privileged attackers to write to memory outside the intended bounds, potentially leading to memory corruption or other malicious outcomes.
Impact
Exploitation of this vulnerability could allow local privileged attackers to cause memory corruption by writing out-of-bounds, which could be leveraged for arbitrary code execution or to manipulate the device's behavior.
Remediation
Users can apply the May 2025 Security Maintenance Release (SMR) to address this vulnerability. This update is part of the regular monthly security update process and includes patches from both Google and Samsung. For detailed information on Samsung's security update process, please refer to the Samsung Mobile Security Update page.
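One way to check a device inventory against this fix, as an added example that is not part of the original advisory. It assumes the May 2025 SMR appears as an Android security patch level of 2025-05-01 or later in the `ro.build.version.security_patch` property; the inventory lines, serials and model names are constructed sample data.

```shell
#!/bin/sh
# Added example: flag devices whose Android security patch level predates
# the May 2025 SMR. Assumption: the SMR shows up as patch level 2025-05-01
# or later in the ro.build.version.security_patch property.
REQUIRED_PATCH="2025-05-01"

# classify_patch LEVEL -> prints PATCHED, VULNERABLE or UNKNOWN
classify_patch() {
    level=$1
    # Accept only YYYY-MM-DD; empty, truncated or garbled values are UNKNOWN
    case $level in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo UNKNOWN; return 0 ;;
    esac
    # Strip dashes so the dates compare as integers (e.g. 20250501)
    have=$(printf '%s' "$level" | tr -d '-')
    need=$(printf '%s' "$REQUIRED_PATCH" | tr -d '-')
    if [ "$have" -ge "$need" ]; then echo PATCHED; else echo VULNERABLE; fi
}

# audit_inventory: reads "SERIAL MODEL PATCH_LEVEL" lines on stdin and prints
# one "SERIAL STATUS" line for every device that is not confirmed patched.
audit_inventory() {
    while read -r serial model level; do
        [ -n "$serial" ] || continue
        status=$(classify_patch "$level")
        [ "$status" = PATCHED ] || echo "$serial $status"
    done
}

# Constructed sample inventory (serials and models are made up).
# DEVICE03 has no recorded patch level and must be reported, not skipped.
sample_inventory() {
cat <<'EOF'
DEVICE01 MODEL-A 2025-05-01
DEVICE02 MODEL-B 2025-03-01
DEVICE03 MODEL-A
DEVICE04 MODEL-C 2025-06-01
EOF
}

# For a single attached device, the value could be read with:
#   classify_patch "$(adb shell getprop ro.build.version.security_patch | tr -d '\r')"
sample_inventory | audit_inventory
```

Devices reported as UNKNOWN should be treated as unpatched until their patch level is confirmed.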
