PT-2017-3628 · Samsung · Samsung Mobile

Published

2017-11-08

Updated

2018-04-19

CVE-2018-9139

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Samsung Mobile devices with N(7.x) software

Description: A buffer overflow in the vision service of Samsung Mobile devices allows code execution in a privileged process via a large frame size. This issue can be exploited by a remote attacker to execute arbitrary code.

Recommendations: For Samsung Mobile devices with N(7.x) software, consider disabling the vision service as a temporary workaround until a patch is available. Restrict access to the vision service to minimize the risk of exploitation.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2018-00638

CVE-2018-9139

Affected Products

Samsung Mobile

PT-2017-3628 · Samsung · Samsung Mobile

CVE-2018-9139

Weakness Enumeration

Related Identifiers

Affected Products

References · 4