CVE-2025-58340 is a vulnerability discovered in the Wi-Fi driver component of Samsung Mobile Processor and Wearable Processor families including Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, and wearable processors W920, W930, and W1000. The issue arises from unbounded memory allocation triggered by writing a large buffer to the /proc/driver/unifi0/send_delts interface. This operation leads to kernel memory exhaustion, effectively causing a denial-of-service (DoS) condition by depleting system resources. The vulnerability is classified under CWE-770 (Allocation of Resources Without Limits or Throttling). Exploitation requires local access to the device with low privileges and does not require user interaction, making it feasible for an attacker with limited access to disrupt device availability. The CVSS v3.1 base score is 6.2, with an attack vector of local (AV:L), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and impact limited to availability (A:H) without affecting confidentiality or integrity. No known exploits are currently reported in the wild, and no official patches have been released at the time of publication. The vulnerability affects a broad range of Samsung Exynos processors widely used in mobile phones and wearable devices, which could impact device stability and availability if exploited.

For European organizations, the primary impact of CVE-2025-58340 is the potential for denial-of-service conditions on devices using affected Samsung Exynos processors. This could disrupt mobile communications, wearable device functionality, and related business operations, especially in sectors relying heavily on mobile technology such as telecommunications, healthcare, and finance. While the vulnerability does not compromise data confidentiality or integrity, the loss of availability could hinder critical workflows, remote work capabilities, and real-time monitoring systems that depend on these devices. Organizations with large fleets of Samsung-based mobile or wearable devices may experience increased support costs and operational downtime. Additionally, the local attack vector means that physical or local network access is required, which somewhat limits the risk to remote attackers but does not eliminate insider threats or attacks via compromised local networks.

To mitigate CVE-2025-58340, organizations should first restrict access to the /proc/driver/unifi0/send_delts interface to trusted users and processes only, employing strict access control policies and monitoring for unauthorized attempts to write to this interface. Network segmentation and endpoint security controls can reduce the risk of local attackers gaining access to vulnerable devices. Monitoring device memory usage and kernel logs for signs of abnormal memory allocation or exhaustion can provide early warning of exploitation attempts. Organizations should stay informed about Samsung's security advisories and apply firmware or driver updates promptly once patches become available. Additionally, consider deploying endpoint detection and response (EDR) solutions capable of detecting anomalous behavior related to kernel resource exhaustion. For critical environments, evaluate alternative hardware or software configurations that do not rely on affected Exynos processors until the vulnerability is remediated.