CVE-2025-21006
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-08
Last updated on: 2025-07-15
Assigner: Samsung Mobile
Description
Description
Out-of-bounds write in handling of macro blocks for MPEG4 codec in libsavsvc.so prior to Android 15 allows local attackers to write out-of-bounds memory.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| samsung | android | to 15.0 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an out-of-bounds write issue in the handling of macro blocks for the MPEG4 codec in the libsavsvc.so library on Android devices prior to version 15. It allows local attackers to write data outside the intended memory boundaries, potentially leading to memory corruption.
How can this vulnerability impact me? :
The vulnerability can allow a local attacker to corrupt memory, which may lead to elevated privileges, data corruption, or denial of service on affected devices.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70