The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file.
References
Configurations
History
21 Nov 2024, 02:37
Type | Values Removed | Values Added |
---|---|---|
References | () http://googleprojectzero.blogspot.com/2015/11/hack-galaxy-hunting-bugs-in-samsung.html - Vendor Advisory | |
References | () http://packetstormsecurity.com/files/134199/Samsung-Galaxy-S6-Android.media.process-Face-Recognition-Memory-Corruption.html - | |
References | () https://code.google.com/p/google-security-research/issues/detail?id=499&q=samsung - | |
References | () https://www.exploit-db.com/exploits/38611/ - |
Information
Published : 2015-11-16 19:59
Updated : 2024-11-21 02:37
NVD link : CVE-2015-7897
Mitre link : CVE-2015-7897
CVE.ORG link : CVE-2015-7897
JSON object : View
Products Affected
samsung
- galaxy_s6
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer