oss-sec mailing list archives

CVE Request - Samsung Exynos fimg2d NULL Pointer Dereference

From: Idler <idler1984 () gmail com>
Date: Fri, 5 Aug 2016 20:23:57 +0800

Hello,

I'd like to request CVE for the following vulnerability fixed in
Samsung Exynos fimg2d driver for Android:

Security bulletin: http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016

SVE-2016-6382: fimg2d NULL Pointer Dereference

Severity: Medium
Affected versions: L(5.0/5.1), M(6.0) devices with Exynos7420 chipset
Reported on: June 7, 2016
Disclosure status: Privately disclosed.
The vulnerability exists due to a null pointer dereference on fimg2d driver.
The patch verifies if the object is null before dereferencing it.

Best Regards,
James Fang

Current thread:

CVE Request - Samsung Exynos fimg2d NULL Pointer Dereference Idler (Aug 05)
- Re: CVE Request - Samsung Exynos fimg2d NULL Pointer Dereference cve-assign (Aug 17)