CVE-2025-58341

6.2 MEDIUM

📋 TL;DR

This vulnerability in Samsung Exynos Wi-Fi drivers allows attackers to cause kernel memory exhaustion through unbounded memory allocation. Attackers can trigger this by writing a large buffer to /proc/driver/unifi0/ap_cert_disable_ht_vht, potentially leading to denial of service. This affects Samsung mobile and wearable devices using the listed Exynos processors.

💻 Affected Systems

Products:
  • Samsung Mobile Processor Exynos 980
  • Samsung Mobile Processor Exynos 850
  • Samsung Mobile Processor Exynos 1080
  • Samsung Mobile Processor Exynos 1280
  • Samsung Mobile Processor Exynos 1330
  • Samsung Mobile Processor Exynos 1380
  • Samsung Mobile Processor Exynos 1480
  • Samsung Mobile Processor Exynos 1580
  • Samsung Wearable Processor Exynos W920
  • Samsung Wearable Processor Exynos W930
  • Samsung Wearable Processor Exynos W1000
Versions: All versions with vulnerable Wi-Fi driver
Operating Systems: Android-based systems using affected Exynos processors
Default Config Vulnerable: ⚠️ Yes
Notes: Requires write access to /proc/driver/unifi0/ap_cert_disable_ht_vht, which may be restricted by SELinux or other security policies.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system crash or freeze requiring hard reboot, potentially disrupting device functionality and availability.

🟠 Likely Case: Local denial of service causing temporary device instability or performance degradation.

🟢 If Mitigated: Minimal impact if proper access controls restrict write access to the vulnerable proc file.

🌐 Internet-Facing: LOW - Requires local access to the vulnerable interface, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Malicious apps or users with local access could exploit this to disrupt device functionality.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access and ability to write to the proc file. No privilege escalation demonstrated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Samsung security updates for specific device/processor patches

Vendor Advisory: https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-58341/

Restart Required: Yes

Instructions:

1. Check for security updates from Samsung.
2. Apply available patches through device update mechanism.
3. Reboot device after update installation.

🔧 Temporary Workarounds

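Restrict proc file access (Linux)

Limit write access to /proc/driver/unifi0/ap_cert_disable_ht_vht using SELinux or file permissions. The commands below require root, and because procfs entries are recreated when the driver loads, the permission change does not persist across a reboot.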

chmod 440 /proc/driver/unifi0/ap_cert_disable_ht_vht
chown root:root /proc/driver/unifi0/ap_cert_disable_ht_vht

🧯 If You Can't Patch

  • Implement strict SELinux policies to restrict access to vulnerable proc files
  • Monitor for abnormal memory consumption patterns and suspicious write operations to /proc/driver/unifi0/

🔍 How to Verify

Check if Vulnerable:

Check if /proc/driver/unifi0/ap_cert_disable_ht_vht exists and is writable by non-privileged users
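One way to run this check without writing to the file, as an added example that is not part of the vendor advisory: it classifies the entry, and every other entry under /proc/driver/unifi0/, from mode bits and ownership only. The function names `classify_entry` and `scan_dir` are hypothetical, a `stat` that supports `-c` (GNU, BusyBox, toybox) is assumed, and mode bits do not reflect any SELinux policy that may further restrict access.

```shell
#!/bin/sh
# Added example (not vendor code). Read-only: inspects mode bits and
# ownership with stat; it never opens or writes the proc entries.

PROC_DIR="/proc/driver/unifi0"                  # directory named in the advisory
PROC_ENTRY="$PROC_DIR/ap_cert_disable_ht_vht"   # entry named in the advisory

# classify_entry PATH   (hypothetical helper)
# Prints one of: absent | restricted | owner-writable-nonroot |
#                group-writable-nonroot | world-writable
classify_entry() {
    path="$1"
    if [ ! -e "$path" ]; then
        echo "absent"
        return 0
    fi
    # %a = octal mode, %u = owner uid, %g = owner gid
    info=$(stat -c '%a %u %g' "$path") || return 2
    set -- $info
    mode="0$1"; uid="$2"; gid="$3"   # leading 0 makes the shell parse octal

    if [ $(( $mode & 0002 )) -ne 0 ]; then
        echo "world-writable"                    # any local user can write
    elif [ $(( $mode & 0020 )) -ne 0 ] && [ "$gid" -ne 0 ]; then
        echo "group-writable-nonroot"            # a non-root group can write
    elif [ $(( $mode & 0200 )) -ne 0 ] && [ "$uid" -ne 0 ]; then
        echo "owner-writable-nonroot"            # a non-root owner can write
    else
        echo "restricted"                        # only root holds write bits
    fi
}

# scan_dir DIR   (hypothetical helper): one "<class> <path>" line per entry
scan_dir() {
    dir="$1"
    [ -d "$dir" ] || { echo "absent $dir"; return 0; }
    for entry in "$dir"/*; do
        [ -e "$entry" ] || continue
        echo "$(classify_entry "$entry") $entry"
    done
}

echo "$(classify_entry "$PROC_ENTRY") $PROC_ENTRY"
scan_dir "$PROC_DIR"
```

Any result other than `absent` or `restricted` means a non-root principal holds a write bit on the entry; confirm the effective SELinux policy separately.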

Check Version:

Check device settings > About phone > Software information for security patch level

Verify Fix Applied:

Verify patch installation through device security patch level and attempt to reproduce memory exhaustion (not recommended in production)

📡 Detection & Monitoring

Log Indicators:

  • Kernel OOM (Out of Memory) events
  • Abnormal memory allocation patterns in kernel logs
  • Failed write operations to /proc/driver/unifi0/

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("oom" OR "memory allocation failed" OR "/proc/driver/unifi0")
