An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 2 of 2.
The flaw results from improper handling of NL80211 vendor command (NL80211 vendor command) in the Wi-Fi driver. Through a specially crafted ioctl message, a buffer overflow (CWE-120) can be triggered. The vulnerability requires no authentication or user interaction, and the attack vector is network-based, making it particularly dangerous.
Successful exploitation of this vulnerability can lead to complete breach of system confidentiality, integrity, and availability, including potential remote takeover of the device (RCE). This is the second of two identified vulnerabilities of this type in the same component.
Security patches available from the manufacturer should be applied according to the references: https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-52909/
Firmware of Samsung Exynos processors: 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000 — used in mobile devices and wearables.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HSamsung Exynos 1280
HWSamsungwszystkie wersjeSamsung Exynos 1280 Firmware
OSSamsungwszystkie wersjeSamsung Exynos 1330
HWSamsungwszystkie wersjeSamsung Exynos 1330 Firmware
OSSamsungwszystkie wersjeSamsung Exynos 1380
HWSamsungwszystkie wersjeSamsung Exynos 1380 Firmware
OSSamsungwszystkie wersjeSamsung Exynos 1480
HWSamsungwszystkie wersjeSamsung Exynos 1480 Firmware
OSSamsungwszystkie wersjeSamsung Exynos 1580
HWSamsungwszystkie wersjeSamsung Exynos 1580 Firmware
OSSamsungwszystkie wersjeSamsung Exynos 850
HWSamsungwszystkie wersjeSamsung Exynos 850 Firmware
OSSamsungwszystkie wersjeSamsung Exynos 980
HWSamsungwszystkie wersjeSamsung Exynos 980 Firmware
OSSamsungwszystkie wersjeSamsung Exynos W1000
HWSamsungwszystkie wersjeSamsung Exynos W1000 Firmware
OSSamsungwszystkie wersjeSamsung Exynos W920
HWSamsungwszystkie wersjeSamsung Exynos W920 Firmware
OSSamsungwszystkie wersjeSamsung Exynos W930
HWSamsungwszystkie wersjeSamsung Exynos W930 Firmware
OSSamsungwszystkie wersje
Related vulnerabilities
Buffer overflow w sterowniku Wi-Fi Samsung Exynos przez błędną obsługę NL80211
Out-of-bounds write w procesorach Samsung Exynos przy przetwarzaniu SMS TP-UD
Stack-based Buffer Overflow w obsłudze SMS w procesorach Samsung Exynos
Błąd obsługi pakietów LTE MAC w procesorach Samsung Exynos powoduje crash baseband
Out-of-bounds write w Samsung Exynos via błędne pakiety NAS