CVE-2015-7897

Samsung Galaxy S6 Edge - Memory Corruption

Title source: llm

Description

The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosandroid

https://www.exploit-db.com/exploits/38611

View Code ZIP pw:eip

References (4)

Core 4

Core References

Vendor Advisory x_refsource_misc

http://googleprojectzero.blogspot.com/2015/11/hack-galaxy-hunting-bugs-in-samsung.html

Issue Tracking x_refsource_misc

https://code.google.com/p/google-security-research/issues/detail?id=499&q=samsung

Exploit, Third Party Advisory x_refsource_misc

http://packetstormsecurity.com/files/134199/Samsung-Galaxy-S6-Android.media.process-Face-Recognition-Memory-Corruption.html

Exploit, Third Party Advisory exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/38611/

Scores

EPSS 0.0451

EPSS Percentile 89.2%

Details

CWE

CWE-119

Status published

Products (1)

samsung/galaxy_s6

Published Nov 16, 2015

Tracked Since Feb 18, 2026