CVE-2025-37139 Vulnerability in AOS firmware allows for Authenticated Local malicious actor to Permanently Disable Boot

A vulnerability in an AOS firmware binary allows an authenticated malicious actor to permanently delete necessary boot information. Successful exploitation may render the system unbootable, resulting in a Denial of Service that can only be resolved by replacing the affected hardware...

It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium such as a flash disk could use this flaw to force a user into permanently disabling the encryption layer of that medium.

...

Unspecified Vulnerability in Gallery for Samsung Mobile Devices

Android is a free and open source operating system from Google based on the Linux kernel without GNU components. An unspecified vulnerability exists in Gallery for Samsung mobile devices, which can be exploited by an attacker to permanently disable the Gallery application...

CVE-2019-20604

An issue was discovered on Samsung mobile devices with O8.x software. Attackers can disable Gallery permanently. The Samsung ID is SVE-2019-14031 May 2019...