CVE-2015-7897

Samsung Galaxy S6 Edge - Memory Corruption

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2015-7897. PoCs published by Google Security Research.

AI-analyzed exploit summary This exploit demonstrates a memory corruption vulnerability in the Android face recognition library (CVE-2015-7897) by providing a malformed BMP file that triggers a SIGSEGV when scanned. The PoC includes crash logs and reproduction steps via ADB commands.

Description

The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Google Security Research · textdosandroid
https://www.exploit-db.com/exploits/38611

This exploit demonstrates a memory corruption vulnerability in the Android face recognition library (CVE-2015-7897) by providing a malformed BMP file that triggers a SIGSEGV when scanned. The PoC includes crash logs and reproduction steps via ADB commands.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Android media.process (face recognition library) on Android 5.0.2
No auth needed
Prerequisites: Malformed BMP file · Access to the target device's storage or ADB
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Scores

EPSS 0.0700
EPSS Percentile 93.3%

Details

CWE
CWE-119
Status published
Products (1)
samsung/galaxy_s6
Published Nov 16, 2015
Tracked Since Feb 18, 2026