CVE-2016-9278

MEDIUM

Samsung Exynos fimg2d - DoS

Title source: llm

Description

The Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows local users to cause a denial of service (kernel panic) via a crafted ioctl command. The Samsung ID is SVE-2016-6736.

References (4)

[Vendor Advisory] http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016

[Mailing List, Third Party Advisory] http://www.openwall.com/lists/oss-security/2016/11/09/3

[Mailing List, Third Party Advisory] http://www.openwall.com/lists/oss-security/2016/11/11/11

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/94283

Scores

CVSS v3 5.5

EPSS 0.0006

EPSS Percentile 18.3%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-20

Status published

Affected Products (2)

samsung/exynos_fimg2d_driver

n/a/n/a

Timeline

Published Jan 18, 2017

Tracked Since Feb 18, 2026