SB20251114105 - Multiple vulnerabilities in Samsung Mobile Firmware (March 2025)
Published: November 14, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 49 secuirty vulnerabilities.
1) Information exposure (CVE-ID: CVE-2025-0082)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
2) Improper input validation (CVE-ID: CVE-2025-0080)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
3) Improper input validation (CVE-ID: CVE-2025-0087)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
4) Information exposure (CVE-ID: CVE-2024-43090)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
5) Information exposure (CVE-ID: CVE-2025-0083)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
6) Information exposure (CVE-ID: CVE-2025-0086)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the Framework component. A local application can gain access to sensitive information.
7) Improper input validation (CVE-ID: CVE-2024-49740)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the Framework component. A local application can perform a denial of service (DoS) attack.
8) Improper input validation (CVE-ID: CVE-2023-21125)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
9) Improper input validation (CVE-ID: CVE-2025-0079)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
10) Improper input validation (CVE-ID: CVE-2025-22404)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
11) Improper input validation (CVE-ID: CVE-2025-22405)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
12) Improper input validation (CVE-ID: CVE-2025-22406)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
13) Information exposure (CVE-ID: CVE-2024-49728)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
14) Information exposure (CVE-ID: CVE-2025-26417)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
15) Improper input validation (CVE-ID: CVE-2024-43093)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to improper input validation within the Framework Documents UI component. A local application can execute arbitrary code with elevated privileges.
Note, the vulnerability is being actively exploited in the wild.
16) Information exposure (CVE-ID: CVE-2025-0092)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
17) Information exposure (CVE-ID: CVE-2025-0093)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
18) Information exposure (CVE-ID: CVE-2025-22407)
The vulnerability allows a local application to gain access to sensitive information.
The vulnerability exists due to improper input validation within the System component. A local application can gain access to sensitive information.
19) Improper input validation (CVE-ID: CVE-2025-0078)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
20) Improper input validation (CVE-ID: CVE-2024-0032)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the Framework component. A local application can execute arbitrary code.
21) Improper Validation of Array Index (CVE-ID: CVE-2024-45569)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation in WLAN Host Communication. A remote attacker can execute arbitrary code.
22) Use-after-free (CVE-ID: CVE-2024-47892)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error of kernel memory in PMRUnlockPhysAddressesOSMem for on-demand non-4KB PMRs in system memory (UMA). A local user can conduct GPU system calls to read and write freed physical memory from the GPU.
23) Improper input validation (CVE-ID: CVE-2025-0074)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary code.
24) Improper input validation (CVE-ID: CVE-2025-0075)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary code.
25) Improper input validation (CVE-ID: CVE-2025-0084)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary code.
26) Improper input validation (CVE-ID: CVE-2025-22403)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary code.
27) Improper input validation (CVE-ID: CVE-2025-22408)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary code.
28) Improper input validation (CVE-ID: CVE-2025-22410)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary code.
29) Improper input validation (CVE-ID: CVE-2025-22411)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary code.
30) Improper input validation (CVE-ID: CVE-2025-22412)
The vulnerability allows a remote attacker to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A remote attacker can trick the victim to open a specially crafted file and execute arbitrary code.
31) Improper input validation (CVE-ID: CVE-2025-22409)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation within the System component. A local application can execute arbitrary code.
32) Improper input validation (CVE-ID: CVE-2025-0081)
The vulnerability allows a local application to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the System component. A local application can perform a denial of service (DoS) attack.
33) Buffer overflow (CVE-ID: CVE-2024-38420)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error while configuring a Hypervisor based input virtual device. A local user can trigger memory corruption and execute arbitrary code on the target system.
34) Buffer over-read (CVE-ID: CVE-2024-38404)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation in Multi Mode Call Processor. A remote attacker can perform a denial of service (DoS) attack.
35) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2024-43705)
The vulnerability allows a local process to overwrite read-only memory.
The vulnerability exists due to improper privilege management in PVRSRVBridgePhysmemWrapExtMem. A local process can write to arbitrary read-only system files that have been mapped into application memory.
36) Use-after-free (CVE-ID: CVE-2025-0015)
The vulnerability allows a local application to escalate privileges on the system.
The vulnerability exists due to a use-after-free error. A local application can execute arbitrary code with elevated privileges.
37) Buffer over-read (CVE-ID: CVE-2024-49839)
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to improper input validation in WLAN Host Cmn. A remote attacker can read and manipulate data.
38) Improper Validation of Array Index (CVE-ID: CVE-2024-49834)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Camera. A local application can execute arbitrary code.
39) Improper Validation of Array Index (CVE-ID: CVE-2024-49832)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Camera. A local application can execute arbitrary code.
40) Improper Validation of Array Index (CVE-ID: CVE-2024-49833)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to improper input validation in Camera. A local application can execute arbitrary code.
41) Race condition (CVE-ID: CVE-2025-0088)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in SPF. A local user can exploit the race and escalate privileges on the system.
42) Out-of-bounds write (CVE-ID: CVE-2024-53104)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to an out-of-bounds read error within the uvc_parse_format() function in drivers/media/usb/uvc/uvc_driver.c. A local user can trigger an out-of-bounds write and execute arbitrary code on the system.
Note, the vulnerability is being actively exploited in the wild.
43) Use-after-free (CVE-ID: CVE-2024-46973)
The vulnerability allows a local process to escalate privileges on the system.
The vulnerability exists due to a reference count mismanagement in psServerMMUContext . A local process can trigger a use-after-free error and escalate privileges on the system.
44) Out-of-bounds write (CVE-ID: CVE-2024-52935)
The vulnerability allows a guest OS to execute arbitrary code.
The vulnerability exists due to a boundary error when processing untrusted input. Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest’s virtualised GPU memory.
45) Information exposure (CVE-ID: CVE-2024-39441)
The vulnerability allows a remote attacker to read and manipulate data.
The vulnerability exists due to a possible missing permission check within the wifi display in Android. A remote attacker can trick the victim to open a specially crafted file and read and manipulate data.
46) Out-of-bounds write (CVE-ID: CVE-2025-20635)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within DA. A local application can execute arbitrary code.
47) Out-of-bounds write (CVE-ID: CVE-2025-20636)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within secmem. A local application can execute arbitrary code.
48) Write-what-where Condition (CVE-ID: CVE-2024-20141)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within DA. A local application can execute arbitrary code.
49) Out-of-bounds write (CVE-ID: CVE-2024-20142)
The vulnerability allows a local application to execute arbitrary code.
The vulnerability exists due to a missing bounds check within DA. A local application can execute arbitrary code.
Remediation
Install update from vendor's website.