CVE-2025-20944

Published Apr 8, 2025

Last updated 3 months ago

CVSS medium 6.2

Overview

Description
Out-of-bounds read in parsing audio data in libsavsac.so prior to SMR Apr-2025 Release 1 allows local attackers to read out-of-bounds memory.
Source
mobile.security@samsung.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
6.2
Impact score
3.6
Exploitability score
2.5
Vector string
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity
MEDIUM

Social media

Hype score
Not currently trending

  1. Samsung Mobile Security Maintenance Release April 2025 https://t.co/GOLGTZdmke (CVE-2025-20944)OOB read in parsing audio data in https://t.co/Zw2HgVppLd @natashenka (CVE-2025-20936)Improper access control in HDCP trustlet @Bonfee1

    @xvonfers

    10 Apr 2025

    2333 Impressions

    3 Retweets

    16 Likes

    5 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.