Total
28 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-9143 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991. | |||||
| CVE-2018-9141 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
| On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105. | |||||
| CVE-2018-9142 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 7.6 HIGH | 7.0 HIGH |
| On Samsung mobile devices with N(7.x) software, attackers can install an arbitrary APK in the Secure Folder SD Card area because of faulty validation of a package signature and package name, aka SVE-2017-10932. | |||||
| CVE-2018-9140 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| On Samsung mobile devices with M(6.0) software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747. | |||||
| CVE-2018-9139 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165. | |||||
| CVE-2018-10751 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 5.4 MEDIUM | 5.3 MEDIUM |
| A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in memory allocation for this string. The Samsung ID is SVE-2018-11463. | |||||
| CVE-2017-18020 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 7.2 HIGH | 8.4 HIGH |
| On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and Exynos chipsets, attackers can execute arbitrary code in the bootloader because S Boot omits a size check during a copy of ramfs data to memory. The Samsung ID is SVE-2017-10598. | |||||
| CVE-2015-7891 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 4.4 MEDIUM | 7.0 HIGH |
| Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598. | |||||
| CVE-2015-7898 | 1 Samsung | 2 Galaxy S6, Samsung Mobile | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| Samsung Gallery in the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | |||||
| CVE-2018-5210 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 9.3 HIGH | 8.1 HIGH |
| On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code execution, in conjunction with a brute-force attack to discover unlock information (PIN, password, or pattern). The Samsung ID is SVE-2017-10733. | |||||
| CVE-2015-7895 | 1 Samsung | 2 Galaxy S6, Samsung Mobile | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| Samsung Gallery on the Samsung Galaxy S6 allows local users to cause a denial of service (process crash). | |||||
| CVE-2015-7896 | 1 Samsung | 2 Galaxy S6, Samsung Mobile | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file. | |||||
| CVE-2017-5217 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 7.1 HIGH | 5.5 MEDIUM |
| Installing a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. The zero-permission app will create an active install session for a separate app that it has embedded within it. The active install session of the embedded app is performed using the android.content.pm.PackageInstaller class and its nested classes in the Android API. The active install session will write the embedded APK file to the /data/app directory, but the app will not be installed since third-party applications cannot programmatically install apps. Samsung has modified AOSP in order to accelerate the parsing of APKs by introducing the com.android.server.pm.PackagePrefetcher class and its nested classes. These classes will parse the APKs present in the /data/app directory and other directories, even if the app is not actually installed. The embedded APK that was written to the /data/app directory via the active install session has a very large but valid AndroidManifest.xml file. Specifically, the AndroidManifest.xml file contains a very large string value for the name of a permission-tree that it declares. When system_server tries to parse the APK file of the embedded app from the active install session, it will crash due to an uncaught error (i.e., java.lang.OutOfMemoryError) or an uncaught exception (i.e., std::bad_alloc) because of memory constraints. The Samsung Android device will encounter a soft reboot due to a system_server crash, and this action will keep repeating since parsing the APKs in the /data/app directory as performed by the system_server process is part of the normal boot process. The Samsung ID is SVE-2016-6917. | |||||
| CVE-2017-7978 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Samsung Android devices with L(5.0/5.1), M(6.0), and N(7.x) software allow attackers to obtain sensitive information by reading a world-readable log file after an unexpected reboot. The Samsung ID is SVE-2017-8290. | |||||
| CVE-2016-9277 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
| Integer overflow in SystemUI in KK(4.4) and L(5.0/5.1) on Samsung Note devices allows attackers to cause a denial of service (UI restart) via vectors involving APIs and an activity that computes an out-of-bounds array index, aka SVE-2016-6906. | |||||
| CVE-2016-9965 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7119. | |||||
| CVE-2016-9966 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
| Lack of appropriate exception handling in some receivers of the Telecom application on Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allows attackers to crash the system easily resulting in a possible DoS attack, or possibly gain privileges. The Samsung ID is SVE-2016-7120. | |||||
| CVE-2016-9567 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The mDNIe system service on Samsung Mobile S7 devices with M(6.0) software does not properly restrict setmDNIeScreenCurtain API calls, enabling attackers to control a device's screen. This can be exploited via a crafted application to eavesdrop after phone shutdown or record a conversation. The Samsung ID is SVE-2016-6343. | |||||
| CVE-2017-5351 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
| Samsung Note devices with KK(4.4), L(5.0/5.1), and M(6.0) software allow attackers to crash the system by creating an arbitrarily large number of active VR service threads. The Samsung ID is SVE-2016-7650. | |||||
| CVE-2017-5350 | 1 Samsung | 1 Samsung Mobile | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
| Samsung Note devices with L(5.0/5.1), M(6.0), and N(7.0) software allow attackers to crash systemUI by leveraging incomplete exception handling. The Samsung ID is SVE-2016-7122. | |||||