CVE-2025-52908
Buffer Overflow in Samsung Exynos Wi-Fi Driver via NL80211 ioctl
Publication date: 2026-04-07
Last updated on: 2026-04-09
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| samsung | exynos_1280_firmware | * |
| samsung | exynos_1330_firmware | * |
| samsung | exynos_1380_firmware | * |
| samsung | exynos_1480_firmware | * |
| samsung | exynos_1580_firmware | * |
| samsung | exynos_850_firmware | * |
| samsung | exynos_980_firmware | * |
| samsung | exynos_w930_firmware | * |
| samsung | exynos_w920_firmware | * |
| samsung | exynos_w1000_firmware | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-120 | The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer. |
Attack-Flow Graph
AI Powered Q&A
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should apply the security updates issued by Samsung for the affected Exynos WiFi drivers.
Since the vulnerability arises from incorrect handling of the NL80211 vendor command leading to a buffer overflow, updating the WiFi driver to a patched version will prevent exploitation.
How can this vulnerability impact me? :
The buffer overflow vulnerability in the Samsung Exynos WiFi driver could allow an attacker to execute arbitrary code or cause a denial of service on affected devices.
This means that an attacker might gain control over the device or disrupt its normal operation by exploiting the flawed processing of vendor-specific NL80211 commands.
Can you explain this vulnerability to me?
CVE-2025-52908 is a high-severity vulnerability in the Wi-Fi driver of multiple Samsung Exynos processors and wearable processors. It is caused by incorrect handling of the NL80211 vendor command, which leads to a buffer overflow condition.
This buffer overflow occurs when the driver processes a certain ioctl message improperly, potentially allowing an attacker to exploit this flaw.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify how the CVE-2025-52908 vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.