Android libsavsvc.so OOB Read in Frame Header Decoding
CVE-2025-21009 Published on July 8, 2025

Out-of-bounds read in decoding malformed frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption.

NVD

Vulnerability Analysis

CVE-2025-21009 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

NONE

Availability Impact:

HIGH

Products Associated with CVE-2025-21009

stack.watch emails you whenever new vulnerabilities are published in Samsung Android or Google Android. Just hit a watch button to start following.

Samsung Android

Google Android

Affected Versions

Samsung Mobile libsavsvc.so Version Android 15 is unaffected by CVE-2025-21009

Exploit Probability

EPSS

0.03%

Percentile

6.37%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Android libsavsvc.so OOB Read in Frame Header DecodingCVE-2025-21009 Published on July 8, 2025

Vulnerability Analysis

Products Associated with CVE-2025-21009

Affected Versions

Exploit Probability

Android libsavsvc.so OOB Read in Frame Header Decoding
CVE-2025-21009 Published on July 8, 2025