Security Bulletin
Summary
- Security CVES
- Medium CVE-2025-31716
Minutia
- CVE ID CVE-2025-31716
- Title Stack-based Buffer Overflow in bootloader
- Description
In bootloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed.
- Technology Area Bootloader
- Vulnerability Type CWE-121 Stack Overflow
- Access Vector Local
- CVSS Rating Medium
- CVSS Score 5.1
- CVSS String CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
- Affected Chipsets*
SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T750/T765/T760/T770/T820/S8000
- Affected Software Versions
Android13/Android14/Android15
*The list of affected chipsets may not be complete. For latest information, device OEMs can contact directly at https://unisupport.unisoc.com
Vulnerability type definition
- Abbreviation Interpretation
- RCE Remote Code Execution
- EoP Elevation of Privilege
- ID Information Disclosure
- DoS Denial of Service
- N/A Classification not available
Version
- Version Date Description
- 1.0 2025-08-29