CVE-2025-58342 – This vulnerability in Samsung Exynos Wi-Fi driv... (How to Fix)

Q: What is the severity of CVE-2025-58342?

CVE-2025-58342 has a CVSS score of 6.2 (MEDIUM). This vulnerability in Samsung Exynos Wi-Fi drivers allows attackers to cause kernel memory exhaustion through unbounded memory allocation. Attackers can trigger a denial-of-service condition by writing large buffers to a specific /proc filesystem interface. This affects Samsung mobile and wearable devices using the listed Exynos processors.

📋 TL;DR

This vulnerability in Samsung Exynos Wi-Fi drivers allows attackers to cause kernel memory exhaustion through unbounded memory allocation. Attackers can trigger a denial-of-service condition by writing large buffers to a specific /proc filesystem interface. This affects Samsung mobile and wearable devices using the listed Exynos processors.

💻 Affected Systems

Products:

Samsung Mobile Processor Exynos 980
Samsung Mobile Processor Exynos 850
Samsung Mobile Processor Exynos 1080
Samsung Mobile Processor Exynos 1280
Samsung Mobile Processor Exynos 1330
Samsung Mobile Processor Exynos 1380
Samsung Mobile Processor Exynos 1480
Samsung Mobile Processor Exynos 1580
Samsung Wearable Processor Exynos W920
Samsung Wearable Processor Exynos W930
Samsung Wearable Processor Exynos W1000

Versions: All versions with vulnerable Wi-Fi driver

Operating Systems: Android, Wear OS, Tizen

Default Config Vulnerable: ⚠️ Yes

Notes: Requires access to /proc/driver/unifi0/uapsd interface, typically requiring root or privileged app permissions.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system crash or freeze requiring hard reboot, potentially causing data loss and service disruption on affected devices.

🟠

Likely Case

Device instability, application crashes, and degraded performance due to kernel memory exhaustion.

🟢

If Mitigated

Limited impact with proper access controls preventing unauthorized /proc access.

🌐 Internet-Facing: LOW - Requires local access to /proc filesystem, not directly exploitable over network.

🏢 Internal Only: MEDIUM - Malicious apps or users with shell access could exploit this to disrupt device functionality.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires write access to /proc interface, which typically requires elevated privileges or compromised applications.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Samsung security updates for specific device models

Vendor Advisory: https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-58342/

Restart Required: Yes

Instructions:

1. Check for security updates in device settings
2. Apply available Samsung security patches
3. Reboot device after update installation

🔧 Temporary Workarounds

Restrict /proc access

linux

Limit access to /proc/driver/unifi0/uapsd interface to prevent unauthorized writes

chmod 600 /proc/driver/unifi0/uapsd
chown root:root /proc/driver/unifi0/uapsd

🧯 If You Can't Patch

Restrict shell access and app permissions to prevent unauthorized /proc access
Monitor system logs for unusual /proc write operations

🔍 How to Verify

Check if Vulnerable:

Check if /proc/driver/unifi0/uapsd exists and is writable by non-root users

Check Version:

getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level includes CVE-2025-58342 fix via device security settings

📡 Detection & Monitoring

Log Indicators:

Large write operations to /proc/driver/unifi0/uapsd
Kernel OOM (Out of Memory) events
System instability logs

Network Indicators:

None - local exploitation only

SIEM Query:

proc_access AND path:"/proc/driver/unifi0/uapsd" AND size:>1000000

📊 Metadata

CVE ID: CVE-2025-58342

CVSS v3 Score: 6.2 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-770

EPSS Score: 0.02% exploit probability (3.9th percentile)

Published: February 3, 2026

Last Updated: February 5, 2026

🔗 References

https://semiconductor.samsung.com/support/quality-support/product-security-updates/ Vendor Advisory
https://semiconductor.samsung.com/support/quality-support/product-security-updates/cve-2025-58342/ Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-58342, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Exynos 1080 Firmware by Samsung

Exynos 1280 Firmware by Samsung

Exynos 1330 Firmware by Samsung

Exynos 1380 Firmware by Samsung

Exynos 1480 Firmware by Samsung

Exynos 1580 Firmware by Samsung

Exynos 850 Firmware by Samsung

Exynos 980 Firmware by Samsung

Exynos W1000 Firmware by Samsung

Exynos W920 Firmware by Samsung

Exynos W930 Firmware by Samsung