PT-2015-7656 · Samsung+1 · Samsung Galaxy S6 Edge+1

Natalie Silvanovich

Published

2015-11-16

Updated

2015-11-17

CVE-2015-7897

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Android media process in Samsung Galaxy S6 Edge before version G925VVRU4B0G9

Description The issue concerns the media scanning functionality in the face recognition library, which can be exploited by remote attackers. This can be achieved through a crafted BMP image file, potentially leading to memory corruption. As a result, attackers may gain privileges or cause a denial of service.

Recommendations For Samsung Galaxy S6 Edge before version G925VVRU4B0G9, update to version G925VVRU4B0G9 or later to resolve the issue.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2015-7897

Affected Products

Android

Samsung Galaxy S6 Edge

PT-2015-7656 · Samsung+1 · Samsung Galaxy S6 Edge+1

CVE-2015-7897

Weakness Enumeration

Related Identifiers

Affected Products

References · 5