CVE-2025-34449

Name
CVE-2025-34449
Description
Genymobile/scrcpy versions up to and including 3.3.3, prior to commit 3e40b24, contain a buffer overflow vulnerability in the sc_device_msg_deserialize() function. A compromised device can send crafted messages that cause out-of-bounds reads, which may result in memory corruption or a denial-of-service condition. This vulnerability may allow further exploitation on the host system.
NVD Severity
unknown

References

| Type | URI |
|---|---|
| patch | https://github.com/Genymobile/scrcpy/commit/3e40b24 |
| issue-tracking | https://github.com/Genymobile/scrcpy/issues/6415 |
| technical-description | https://github.com/marlinkcyber/advisories/blob/main/advisories/MCSAID-2025-003-scrcpy-global-buffer-overflow.md |
| third-party-advisory | https://www.vulncheck.com/advisories/genymobile-scrcpy-global-buffer-overflow |

Match rules

| CPE URI | Source package | Min version | Max version |
|---|---|---|---|
| | scrcpy | >= 0 | <= 3.3.3 |
| | scrcpy | == commit 3e40b24 | == None |
| cpe:2.3:a:genymotion:scrcpy:*:*:*:*:*:*:*:* | scrcpy | >= None | < 3.3.4 |

Vulnerable and fixed packages

| Source package | Branch | Version | Maintainer | Status |
|---|---|---|---|---|
| scrcpy | edge-community | 3.3.4-r0 | prspkt <prspkt@protonmail.com> | possibly vulnerable |
| scrcpy | edge-community | 3.3.3-r0 | prspkt <prspkt@protonmail.com> | possibly vulnerable |
| scrcpy | edge-community | 3.3.2-r1 | prspkt <prspkt@protonmail.com> | possibly vulnerable |
| scrcpy | edge-community | 3.3.2-r0 | prspkt <prspkt@protonmail.com> | possibly vulnerable |
| scrcpy | edge-community | 3.3.1-r1 | prspkt <prspkt@protonmail.com> | possibly vulnerable |
| scrcpy | edge-community | 3.3.1-r0 | prspkt <prspkt@protonmail.com> | possibly vulnerable |
| scrcpy | edge-community | 3.3-r0 | prspkt <prspkt@protonmail.com> | possibly vulnerable |
| scrcpy | edge-community | 3.2-r0 | prspkt <prspkt@protonmail.com> | possibly vulnerable |
| scrcpy | edge-community | 3.1-r0 | prspkt <prspkt@protonmail.com> | possibly vulnerable |
| scrcpy | edge-community | 3.0.2-r0 | prspkt <prspkt@protonmail.com> | possibly vulnerable |
| scrcpy | edge-community | 3.0-r0 | prspkt <prspkt@protonmail.com> | possibly vulnerable |
| scrcpy | 3.23-community | 3.3.3-r0 | prspkt <prspkt@protonmail.com> | possibly vulnerable |
| scrcpy | 3.22-community | 3.2-r0 | prspkt <prspkt@protonmail.com> | possibly vulnerable |
| scrcpy | 3.22-community | 3.0-r0 | prspkt <prspkt@protonmail.com> | possibly vulnerable |