Published: 02/08/2017 Updated: 04/08/2017

CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4

CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1

VMScore: 445

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598.

Vulnerable Product	Search on Vulmon	Subscribe to Product
samsung samsung mobile 5.1
samsung samsung mobile 5.0

Source: codegooglecom/p/google-security-research/issues/detail?id=492 The Samsung Graphics 2D driver (/dev/fimg2d) is accessible by unprivileged users/applications It was found that the ioctl implementation for this driver contains a locking error which can lead to memory errors (such as use-after-free) due to a race condition The key ...

CWE-362 https://www.exploit-db.com/exploits/38557/https://bugs.chromium.org/p/project-zero/issues/detail?id=492 http://www.securityfocus.com/bid/77335 http://security.samsungmobile.com/smrupdate.html#SMR-OCT-2015 http://packetstormsecurity.com/files/134107/Samsung-Fimg2d-FIMG2D_BITBLT_BLIT-Ioctl-Concurrency-Flaw.html https://nvd.nist.gov https://www.exploit-db.com/exploits/38557/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-7891

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect