Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list] 
Date: Thu, 8 Sep 2016 11:17:34 +0800
From: 0xr0ot <0xr0ot.sec@...il.com>
To: cve-assign@...re.org, oss-security@...ts.openwall.com, 
	fulldisclosure@...lists.org
Subject: CVE request - Samsumg Mobile Phone SVE-2016-6248: SystemUI Security issue

Hi,

Description of the potential vulnerability:
SVE-2016-6248: SystemUI Security issue
Severity: Medium
Affected versions: L(5.0/5.1), M(6.0) devices with Exynos7420 chipset
Reported on: June 7, 2016
Disclosure status: Privately disclosed.
The vulnerability exists due to a null pointer dereference on fimg2d driver.
The patch verifies if the object is null before dereferencing it.

Fix:
http://security.samsungmobile.com/smrupdate.html#SMR-SEP-2016
SVE-2016-6248: SystemUI Security issue

I report this to samsung, samsung reply to us if I want to get CVE request
it by ourself.

Best regards,
Zhaozhanpeng(0xr0ot) of Cheetah Mobile.

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.