Description
Use-after-free vulnerability in the Samsung Exynos fimg2d driver for Android with Exynos 5433, 54xx, or 7420 chipsets allows attackers to obtain sensitive information via unspecified vectors. The Samsung ID is SVE-2016-6853.
References (4)
Core 4
Core References
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2016/11/11/11
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2016/11/09/3
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/94283
Vendor Advisory x_refsource_confirm
http://security.samsungmobile.com/smrupdate.html#SMR-NOV-2016
Scores
CVSS v3
7.5
EPSS
0.0114
EPSS Percentile
78.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-416
Status
published
Products (1)
samsung/exynos_fimg2d_driver
Published
Jan 18, 2017
Tracked Since
Feb 18, 2026