Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

CVE request - Samsumg Mobile Phone SVE-2016-6248: SystemUI Security issue

From: 0xr0ot <0xr0ot.sec () gmail com>
Date: Thu, 8 Sep 2016 11:17:34 +0800
Hi,

Description of the potential vulnerability:
SVE-2016-6248: SystemUI Security issue
Severity: Medium
Affected versions: L(5.0/5.1), M(6.0) devices with Exynos7420 chipset
Reported on: June 7, 2016
Disclosure status: Privately disclosed.
The vulnerability exists due to a null pointer dereference on fimg2d driver.
The patch verifies if the object is null before dereferencing it.

Fix:
http://security.samsungmobile.com/smrupdate.html#SMR-SEP-2016
SVE-2016-6248: SystemUI Security issue

I report this to samsung, samsung reply to us if I want to get CVE request
it by ourself.

Best regards,
Zhaozhanpeng(0xr0ot) of Cheetah Mobile.

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Previous By Date Next
Previous By Thread Next

Current thread: