CVE-2015-7894

HIGH

Samsung Galaxy S6 Edge Firmware - Remote Code Execution via Crafted JPG Image

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-7894. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a memory corruption vulnerability in the DCMProvider service on Samsung devices, triggered by a malformed JPEG file. The crash occurs in libQjpeg.so, potentially allowing arbitrary code execution due to the program counter being set to a value from the JPEG file.

Description

The DCMProvider service in Samsung LibQjpeg on a Samsung SM-G925V device running build number LRX22G.G925VVRU1AOE2 allows remote attackers to cause a denial of service (segmentation fault and process crash) and execute arbitrary code via a crafted JPG.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosandroid

https://www.exploit-db.com/exploits/38614

View Code ZIP pw:eip

This exploit demonstrates a memory corruption vulnerability in the DCMProvider service on Samsung devices, triggered by a malformed JPEG file. The crash occurs in libQjpeg.so, potentially allowing arbitrary code execution due to the program counter being set to a value from the JPEG file.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Samsung DCMProvider service (libQjpeg.so) on SM-G925V with build LRX22G.G925VVRU1AOE2

No auth needed

Prerequisites: Physical or logical access to the device to place the malformed JPEG file · Media scanning to be triggered either automatically or manually via ADB

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →