CVE-2015-7896

MEDIUM

Samsung Galaxy S6 <Oct 2015 - Memory Corruption

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-7896. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a memory corruption vulnerability in Samsung's libQjpeg.so library when processing a malformed JPEG file. The crash occurs during media scanning, leading to a SIGSEGV in the WINKJ_DoIntegralUpsample function.

Description

LibQJpeg in the Samsung Galaxy S6 before the October 2015 MR allows remote attackers to cause a denial of service (memory corruption and SIGSEGV) via a crafted image file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosandroid

https://www.exploit-db.com/exploits/38612

View Code ZIP pw:eip

This exploit demonstrates a memory corruption vulnerability in Samsung's libQjpeg.so library when processing a malformed JPEG file. The crash occurs during media scanning, leading to a SIGSEGV in the WINKJ_DoIntegralUpsample function.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Samsung libQjpeg.so (affecting Samsung devices with DCMService)

No auth needed

Prerequisites: Malformed JPEG file (upsample.jpg) · Media scanning trigger (e.g., via ADB command)

MITRE ATT&CK

T1499.004 - Application or System Exploitation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Third Party Advisory x_refsource_confirm

https://bugs.chromium.org/p/project-zero/issues/detail?id=498&redir=1

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/77425

Third Party Advisory, VDB Entry x_refsource_misc

http://packetstormsecurity.com/files/134198/Samsung-Galaxy-S6-LibQjpeg-DoIntegralUpsample-Crash.html

Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/38612/

Scores

CVSS v3 6.5

EPSS 0.0696

EPSS Percentile 93.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Details

CWE

CWE-119

Status published

Products (11)

samsung/samsung_mobile 5.0

samsung/samsung_mobile 5.0.1

samsung/samsung_mobile 5.0.2

samsung/samsung_mobile 5.1

samsung/samsung_mobile 5.1.1

samsung/samsung_mobile 6.0

samsung/samsung_mobile 6.0.1

samsung/samsung_mobile 7.0

samsung/samsung_mobile 7.1

samsung/samsung_mobile 7.1.1

... and 1 more

Published Aug 24, 2017

Tracked Since Feb 18, 2026