Vulnerabilities > CVE-2015-7892 - Out-of-bounds Write vulnerability in Samsung M2M1Shot Driver

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

samsung

CWE-787

exploit available

NVD

Published: 2019-12-09

Updated: 2019-12-10

Summary

Stack-based buffer overflow in the m2m1shot_compat_ioctl32 function in the Samsung m2m1shot driver framework, as used in Samsung S6 Edge, allows local users to have unspecified impact via a large data.buf_out.num_planes value in an ioctl call.

Vulnerable Configurations

Part	Description	Count
Application	Samsung Samsung M2M1Shot Driver -	1

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

Exploit-Db

description	Samsung m2m1shot Kernel Driver Buffer Overflow. CVE-2015-7892. Dos exploit for android platform
id	EDB-ID:38555
last seen	2016-02-04
modified	2015-10-28
published	2015-10-28
reporter	Google Security Research
source	https://www.exploit-db.com/download/38555/
title	Samsung m2m1shot Kernel Driver Buffer Overflow

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

References