Vulnerabilities > CVE-2015-7892 - Out-of-bounds Write vulnerability in Samsung M2M1Shot Driver
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Stack-based buffer overflow in the m2m1shot_compat_ioctl32 function in the Samsung m2m1shot driver framework, as used in Samsung S6 Edge, allows local users to have unspecified impact via a large data.buf_out.num_planes value in an ioctl call.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | Samsung m2m1shot Kernel Driver Buffer Overflow. CVE-2015-7892. Dos exploit for android platform |
id | EDB-ID:38555 |
last seen | 2016-02-04 |
modified | 2015-10-28 |
published | 2015-10-28 |
reporter | Google Security Research |
source | https://www.exploit-db.com/download/38555/ |
title | Samsung m2m1shot Kernel Driver Buffer Overflow |
References
- http://packetstormsecurity.com/files/134108/Samsung-M2m1shot-Kernel-Driver-Buffer-Overflow.html
- http://packetstormsecurity.com/files/134108/Samsung-M2m1shot-Kernel-Driver-Buffer-Overflow.html
- https://code.google.com/p/google-security-research/issues/detail?id=493
- https://code.google.com/p/google-security-research/issues/detail?id=493
- https://www.exploit-db.com/exploits/38555/
- https://www.exploit-db.com/exploits/38555/