CVE-2015-7897

Currently unrated

Key Information:

Vendor: Samsung
Status: Galaxy S6
Vendor: CVE Published:; 16 November 2015

Summary

The media scanning functionality in the face recognition library in android.media.process in Samsung Galaxy S6 Edge before G925VVRU4B0G9 allows remote attackers to gain privileges or cause a denial of service (memory corruption) via a crafted BMP image file.

References

http://googleprojectzero.blogspot.com/2015/11/hack-galaxy...

x_refsource_MISC

https://code.google.com/p/google-security-research/issues...

x_refsource_MISC

http://packetstormsecurity.com/files/134199/Samsung-Galax...

x_refsource_MISC

EPSS Score

6% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 16, 2015
Vulnerability Reserved
Oct 22, 2015