Out-of-Bounds Write Vulnerability in Samsung's libimagecodec.quram.so
CVE-2025-58478

4.3MEDIUM

Key Information:

Vendor: Samsung
Status: Samsung Devices
Vendor: CVE Published:; 2 December 2025

What is CVE-2025-58478?

The out-of-bounds write vulnerability in Samsung's libimagecodec.quram.so prior to the SMR Dec-2025 Release 1 enables remote attackers to exploit memory vulnerabilities, potentially leading to unauthorized access and manipulation of memory beyond allocated boundaries. This presents serious risks that can compromise system integrity and user data.

Affected Version(s)

Samsung Mobile Devices SMR Dec-2025 Release in Android 13, 14, 15, 16

References

https://security.samsungmobile.com/securityUpdate.smsb?ye...

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 2, 2025
Vulnerability Reserved
Sep 3, 2025

JSON