SB2026041081 - Multiple vulnerabilities in Samsung products
Published: April 10, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 11 secuirty vulnerabilities.
1) Buffer overflow (CVE-ID: CVE-2025-52908)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to incorrect handling of NL80211 vendor command in the Wi-Fi driver. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
2) Out-of-bounds write (CVE-ID: CVE-2025-62818)
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to a boundary error when processing untrusted input in SMS. A remote attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.
3) Resource exhaustion (CVE-ID: CVE-2025-59440)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper handling of SIM card proactive commands in USIM. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
4) Resource exhaustion (CVE-ID: CVE-2025-58349)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to application does not properly control consumption of internal resources within handling of LTE MAC packets containing many MAC Control Elements (CEs) in L2. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
5) Input validation error (CVE-ID: CVE-2025-57835)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper memory initialization in RRC. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
6) Input validation error (CVE-ID: CVE-2025-57834)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input in RRC. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
7) Race condition (CVE-ID: CVE-2025-54602)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper synchronization on a global variable in the Wi-Fi driver. A local user can invoke an ioctl function, exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.
8) Race condition (CVE-ID: CVE-2025-54601)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper synchronization on a global variable in the Wi-Fi driver. A local user can invoke an ioctl function, exploit the race and gain unauthorized access to sensitive information and escalate privileges on the system.
9) Stack-based buffer overflow (CVE-ID: CVE-2025-54328)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error while parsing SMS RP-DATA messages in SMS. A remote unauthenticated attacker can trigger stack-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
10) Resource exhaustion (CVE-ID: CVE-2025-54324)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect handling of DL NAS Transport packet in NAS. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
11) Buffer overflow (CVE-ID: CVE-2025-52909)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to incorrect Handling of NL80211 vendor command in the Wi-Fi driver. A remote attacker can trigger memory corruption and execute arbitrary code on the target system.
Remediation
Install update from vendor's website.
References
- https://semiconductor.samsung.com/content/semiconductor/global/support/quality-support/product-security-updates/cve-2025-52908/
- https://semiconductor.samsung.com/content/semiconductor/global/support/quality-support/product-security-updates/cve-2025-62818/
- https://semiconductor.samsung.com/content/semiconductor/global/support/quality-support/product-security-updates/cve-2025-59440/
- https://semiconductor.samsung.com/content/semiconductor/global/support/quality-support/product-security-updates/cve-2025-58349/
- https://semiconductor.samsung.com/content/semiconductor/global/support/quality-support/product-security-updates/cve-2025-57835/
- https://semiconductor.samsung.com/content/semiconductor/global/support/quality-support/product-security-updates/cve-2025-57834/
- https://semiconductor.samsung.com/content/semiconductor/global/support/quality-support/product-security-updates/cve-2025-54602/
- https://semiconductor.samsung.com/content/semiconductor/global/support/quality-support/product-security-updates/cve-2025-54601/
- https://semiconductor.samsung.com/content/semiconductor/global/support/quality-support/product-security-updates/cve-2025-54328/
- https://semiconductor.samsung.com/content/semiconductor/global/support/quality-support/product-security-updates/cve-2025-54324/
- https://semiconductor.samsung.com/content/semiconductor/global/support/quality-support/product-security-updates/cve-2025-52909/