CVE-2025-58341
BaseFortify
Publication date: 2026-02-03
Last updated on: 2026-02-05
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| samsung | exynos_980_firmware | * |
| samsung | exynos_980 | * |
| samsung | exynos_850_firmware | * |
| samsung | exynos_850 | * |
| samsung | exynos_1080_firmware | * |
| samsung | exynos_1080 | * |
| samsung | exynos_1280_firmware | * |
| samsung | exynos_1280 | * |
| samsung | exynos_1330_firmware | * |
| samsung | exynos_1330 | * |
| samsung | exynos_1380_firmware | * |
| samsung | exynos_1380 | * |
| samsung | exynos_1480_firmware | * |
| samsung | exynos_1480 | * |
| samsung | exynos_1580_firmware | * |
| samsung | exynos_1580 | * |
| samsung | exynos_w920_firmware | * |
| samsung | exynos_w920 | * |
| samsung | exynos_w930_firmware | * |
| samsung | exynos_w930 | * |
| samsung | exynos_w1000_firmware | * |
| samsung | exynos_w1000 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-770 | The product allocates a reusable resource or group of resources on behalf of an actor without imposing any intended restrictions on the size or number of resources that can be allocated. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-58341 is a medium-severity vulnerability found in the Wi-Fi drivers of multiple Samsung Exynos processors. The issue occurs due to unbounded memory allocation when writing to the procfs interface at /proc/driver/unifi0/ap_cert_disable_ht_vht. This can cause kernel memory exhaustion.
How can this vulnerability impact me? :
This vulnerability can lead to kernel memory exhaustion, which may cause denial of service or system instability on affected devices using the vulnerable Samsung Exynos Wi-Fi drivers.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves an unbounded memory allocation triggered by writing to the procfs interface at /proc/driver/unifi0/ap_cert_disable_ht_vht, which can lead to kernel memory exhaustion.
To detect if the vulnerability is being exploited or if the system is affected, you can monitor for unusual memory usage or kernel instability related to the Wi-Fi driver.
- Check for the existence of the vulnerable procfs file: ls -l /proc/driver/unifi0/ap_cert_disable_ht_vht
- Monitor kernel logs for errors or warnings related to the Wi-Fi driver: dmesg | grep unifi0
- Observe system memory usage for signs of kernel memory exhaustion: free -m or top
- Audit write operations to the vulnerable procfs file, for example using auditd or inotify tools to detect suspicious writes.
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'No detailed information about patched versions or specific mitigation steps is provided in the available resources.'}, {'type': 'paragraph', 'content': 'As an immediate measure, avoid writing to the /proc/driver/unifi0/ap_cert_disable_ht_vht interface to prevent triggering the unbounded memory allocation.'}, {'type': 'paragraph', 'content': 'Monitor system stability and memory usage closely, and consider restricting access to the vulnerable procfs file to trusted users only.'}, {'type': 'paragraph', 'content': "Stay updated with Samsung's official security advisories for any forthcoming patches or recommended mitigations."}] [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know