CNNVD-202512-3353 Information
CNNVD ID
CNNVD-202512-3353
Related CVE
- CNNVD Published: 2025-12-18
Description (Chinese)
scrcpy是Genymobile开源的一个Android设备控制软件。 scrcpy 3.3.3及之前版本和3e40b24之前版本存在缓冲区错误漏洞,该漏洞源于sc_read32be函数存在全局缓冲区溢出,可能导致内存损坏或崩溃。
Description (English)
Scrcpy is an Android device control software from Genymobile open source. There is an error loophole in the buffer zone from the sc read32be function to the global buffer zone, which could cause memory damage or collapse.
Hazard Level
High
Vulnerability Type
缓冲区错误
Affected Vendor
Genymobile
Published
2025-12-18
Last Modified
2026-02-24
References
https://github.com/Genymobile/scrcpy/commit/3e40b24 https://github.com/Genymobile/scrcpy/issues/6415 https://www.vulncheck.com/advisories/genymobile-scrcpy-global-buffer-overflow https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-003-scrcpy-global-buffer-overflow.md https://access.redhat.com/security/cve/cve-2025-34449
Patch
https://github.com/Genymobile/scrcpy/releases
Share on: