Memory Exhaustion Vulnerability in Samsung Mobile and Wearable Processors
CVE-2025-58348

5.5MEDIUM

Key Information:

Vendor: Samsung
Status: Exynos Mobile and Wearable Processor
Vendor: CVE Published:; 3 February 2026

What is CVE-2025-58348?

An unbounded memory allocation vulnerability exists in the Wi-Fi driver of Samsung's Mobile and Wearable Processors, specifically within a /proc/driver/unifi0/confg_tspec write operation. This flaw can lead to kernel memory exhaustion, potentially affecting the efficiency and stability of devices powered by Exynos processors. Users of affected products should ensure they are using the latest security updates provided by Samsung to mitigate this risk.

References

https://semiconductor.samsung.com/support/quality-support...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 3, 2026
Vulnerability Reserved
Aug 29, 2025

CVE-2025-58348 Data

JSON