An issue was discovered in NPU in Samsung Mobile Processor Exynos 1380 through July 2025. There is an Invalid Pointer Dereference of node in the get_vs4l_profiler_node function.
Weakness
The product attempts to return a memory resource to the system, but it calls the wrong release function or calls the appropriate release function incorrectly.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Exynos_1380_firmware | Samsung | * | 2025-07 (including) |
Extended Description
This weakness can take several forms, such as:
Potential Mitigations
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- For example, glibc in Linux provides protection against free of invalid pointers.