Main Vulnerability Database Exploits ID:3898 - Exploit for Race condition in Samsung Mobile - CVE-2015-7891

ID:3898 - Exploit for Race condition in Samsung Mobile - CVE-2015-7891

Published: August 9, 2020

Vulnerability identifier: #VU38609

Vulnerability risk: Low

CVE-ID: CVE-2015-7891

CWE-ID: CWE-362

Exploitation vector: Local access

Vulnerable software:
Samsung Mobile

Link to public exploit:

https://www.exploit-db.com/exploits/38557/

Vulnerability description

The vulnerability allows a local authenticated user to execute arbitrary code.

Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598.

Remediation

Install update from vendor's website.

ID:3898 - Exploit for Race condition in Samsung Mobile - CVE-2015-7891

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human