CVE-2025-58340 – This vulnerability in Samsung Exynos Wi-Fi driv... (How to Fix)

Q: What is the severity of CVE-2025-58340?

CVE-2025-58340 has a CVSS score of 6.2 (MEDIUM). This vulnerability in Samsung Exynos Wi-Fi drivers allows attackers to cause kernel memory exhaustion through unbounded memory allocation. Attackers can trigger this by writing large buffers to /proc/driver/unifi0/send_delts, potentially leading to denial of service. This affects Samsung mobile and wearable devices using the listed Exynos processors.

📋 TL;DR

This vulnerability in Samsung Exynos Wi-Fi drivers allows attackers to cause kernel memory exhaustion through unbounded memory allocation. Attackers can trigger this by writing large buffers to /proc/driver/unifi0/send_delts, potentially leading to denial of service. This affects Samsung mobile and wearable devices using the listed Exynos processors.

💻 Affected Systems

Products:

Samsung Mobile Processor Exynos 980
Samsung Mobile Processor Exynos 850
Samsung Mobile Processor Exynos 1080
Samsung Mobile Processor Exynos 1280
Samsung Mobile Processor Exynos 1330
Samsung Mobile Processor Exynos 1380
Samsung Mobile Processor Exynos 1480
Samsung Mobile Processor Exynos 1580
Samsung Wearable Processor Exynos W920
Samsung Wearable Processor Exynos W930
Samsung Wearable Processor Exynos W1000

Versions: All versions with vulnerable Wi-Fi driver implementation

Operating Systems: Android-based systems on affected Exynos processors

Default Config Vulnerable: ⚠️ Yes

Notes: Requires access to /proc/driver/unifi0/send_delts which typically requires root or elevated privileges on most Android systems.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system crash or freeze requiring hard reboot, potentially disrupting device functionality and availability.

🟠

Likely Case

Local denial of service causing temporary device unresponsiveness or performance degradation.

🟢

If Mitigated

Minimal impact if proper access controls restrict write access to the vulnerable proc filesystem entry.

🌐 Internet-Facing: LOW - Requires local access to the device's filesystem interface.

🏢 Internal Only: MEDIUM - Malicious apps or users with local access could exploit this to disrupt device functionality.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires write access to the proc filesystem entry, which typically requires elevated privileges on Android systems.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Samsung security updates for specific device/OS versions

Vendor Advisory: https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-58340/

Restart Required: Yes

Instructions:

1. Check for security updates in device settings. 2. Apply available Samsung security patches. 3. Reboot device after update installation.

🔧 Temporary Workarounds

Restrict proc filesystem access

linux

Limit write access to /proc/driver/unifi0/send_delts to prevent exploitation

chmod 440 /proc/driver/unifi0/send_delts
chown root:root /proc/driver/unifi0/send_delts

🧯 If You Can't Patch

Implement strict access controls to prevent unauthorized write access to /proc/driver/unifi0/send_delts
Monitor system logs for unusual memory allocation patterns or repeated access attempts to the vulnerable proc entry

🔍 How to Verify

Check if Vulnerable:

Check if /proc/driver/unifi0/send_delts exists and is writable by non-root users

Check Version:

getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level includes CVE-2025-58340 fix and test that large writes to /proc/driver/unifi0/send_delts no longer cause memory exhaustion

📡 Detection & Monitoring

Log Indicators:

Kernel OOM (Out of Memory) events
Unusual memory allocation patterns in kernel logs
Repeated write operations to /proc/driver/unifi0/send_delts

Network Indicators:

None - this is a local filesystem vulnerability

SIEM Query:

source="kernel" AND ("out of memory" OR "OOM" OR "/proc/driver/unifi0/send_delts")

📊 Metadata

CVE ID: CVE-2025-58340

CVSS v3 Score: 6.2 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-770

EPSS Score: 0.02% exploit probability (3.9th percentile)

Published: February 3, 2026

Last Updated: February 5, 2026

🔗 References

https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-58340/ Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-58340, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Exynos 1080 Firmware by Samsung

Exynos 1280 Firmware by Samsung

Exynos 1330 Firmware by Samsung

Exynos 1380 Firmware by Samsung

Exynos 1480 Firmware by Samsung

Exynos 1580 Firmware by Samsung

Exynos 850 Firmware by Samsung

Exynos 980 Firmware by Samsung

Exynos W1000 Firmware by Samsung

Exynos W920 Firmware by Samsung

Exynos W930 Firmware by Samsung