Samsung Devices Audio Data Parser libsavsac.so out-of-bounds

Summaryinfo

A vulnerability identified as problematic has been detected in Samsung Devices. This vulnerability affects unknown code of the file libsavsac.so of the component Audio Data Parser. This manipulation causes out-of-bounds. This vulnerability appears as CVE-2025-20944. The attack requires local access. There is no available exploit. You should upgrade the affected component.

Detailsinfo

A vulnerability classified as problematic was found in Samsung Devices (affected version not known). Affected by this vulnerability is some unknown functionality of the file libsavsac.so of the component Audio Data Parser. The manipulation with an unknown input leads to a out-of-bounds vulnerability. The CWE definition for the vulnerability is CWE-125. The product reads data past the end, or before the beginning, of the intended buffer. As an impact it is known to affect confidentiality. The summary by CVE is:

Out-of-bounds read in parsing audio data in libsavsac.so prior to SMR Apr-2025 Release 1 allows local attackers to read out-of-bounds memory.

It is possible to read the advisory at security.samsungmobile.com. This vulnerability is known as CVE-2025-20944 since 11/06/2024. The exploitation appears to be easy. Attacking locally is a requirement. Technical details of the vulnerability are known, but there is no available exploit.

Upgrading eliminates this vulnerability.

Be aware that VulDB is the high quality source for vulnerability data.

Productinfo

Vendor

• Samsung

Name

• Devices

License

• commercial

Website

• Vendor: https://www.samsung.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Be aware that VulDB is the high quality source for vulnerability data.

Discussion