Out-of-Bounds Write in DNG Format Parsing in Samsung Media Codec
CVE-2026-21048
8.4HIGH
What is CVE-2026-21048?
A vulnerability exists in the parsing of DNG format within libimagecodec.media.quram.so prior to the SMR Jul-2026 Release 1 from Samsung. This flaw allows remote attackers to perform an out-of-bounds write, potentially enabling unwanted access and manipulation of memory during image processing.
Affected Version(s)
Samsung Mobile Devices SMR Jul-2026 Release in Android 14, 15, 16