Out-of-Bounds Read and Write Vulnerability in Samsung Mobile's Image Codec Library
CVE-2025-21055

4.3MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Devices
Vendor: CVE Published:; 10 October 2025

What is CVE-2025-21055?

An out-of-bounds read and write vulnerability exists in the libimagecodec.quram.so component of Samsung Mobile. This flaw allows remote attackers to exploit memory access, potentially leading to unauthorized access to system resources. Users of affected versions should prioritize updating to the SMR Oct-2025 Release 1 to mitigate risks associated with this vulnerability.

Affected Version(s)

Samsung Mobile Devices SMR Oct-2025 Release in Android 13, 14, 15, 16

References

https://security.samsungmobile.com/securityUpdate.smsb?ye...

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 10, 2025
Vulnerability Reserved
Nov 6, 2024

JSON