Kernel Vulnerability in Samsung S4 Impacting Sensitive Data Access
CVE-2015-1800

7.5HIGH

Key Information:

Vendor
Samsung
Status
Galaxy S4 Firmware
Vendor
CVE Published:
24 August 2017

Summary

The samsung_extdisp driver in the Samsung S4 (GT-I9500) running on kernel version 3.4 or earlier contains a vulnerability that may allow attackers to potentially access sensitive information. This weakness emphasizes the importance of keeping devices updated to mitigate risks associated with kernel-level vulnerabilities.

References

http://www.openwall.com/lists/oss-security/2015/09/21/13
mailing-listx_refsource_MLIST
http://www.securityfocus.com/bid/76807
vdb-entryx_refsource_BID
http://www.openwall.com/lists/oss-security/2015/09/21/4
mailing-listx_refsource_MLIST

CVSS V3.1

Score:
7.5
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.