Primary

Context

Samsung Libimagecodec.quram.so Heap-Based Buffer Overflow Vulnerability

Vulnerability

Patched

A heap-based buffer overflow vulnerability has been identified in libimagecodec.quram.so, in versions prior to the December 2025 Release 1. This vulnerability allows remote attackers to access out-of-bounds memory, potentially leading to arbitrary code execution or other malicious outcomes.

Impact

Exploitation of this vulnerability could result in a heap-based buffer overflow, allowing remote attackers to access out-of-bounds memory. Such memory access could be exploited to execute arbitrary code or cause other unintended behavior in the application.

Remediation

Users can apply the December 2025 Security Maintenance Release (SMR) to address this vulnerability. This SMR package includes patches from both Google and Samsung. Instructions for updating can be found on the Samsung Mobile Security website.

Added: Dec 2, 2025, 2:20 AM

Updated: Dec 2, 2025, 2:20 AM

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

1.9

exploitability

4.7

remediation

7.7

relevance

1.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

9.0

impact

1.9

exploitability

4.7

remediation

7.7

relevance

1.3

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Samsung Libimagecodec.quram.so Heap-Based Buffer Overflow Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Android

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating