CVE-2015-7891

moderate-risk
Published 2017-08-02

Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598.

Do I need to act?

-
0.17% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
38557
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.0/10 High
LOCAL / HIGH complexity

Affected Products (2)

Affected Vendors

Samsung

References (10)

Exploit http://packetstormsecurity.com/files/134107/Samsung-Fimg2d-FIMG2D_BITBLT_BLIT-Io...
Vendor Advisory http://security.samsungmobile.com/smrupdate.html#SMR-OCT-2015
Third Party Advisory http://www.securityfocus.com/bid/77335
Issue Tracking https://bugs.chromium.org/p/project-zero/issues/detail?id=492
Exploit https://www.exploit-db.com/exploits/38557/
Exploit http://packetstormsecurity.com/files/134107/Samsung-Fimg2d-FIMG2D_BITBLT_BLIT-Io...
Vendor Advisory http://security.samsungmobile.com/smrupdate.html#SMR-OCT-2015
Third Party Advisory http://www.securityfocus.com/bid/77335
Issue Tracking https://bugs.chromium.org/p/project-zero/issues/detail?id=492
Exploit https://www.exploit-db.com/exploits/38557/
33
/ 100
moderate-risk
Severity 18/34 · Moderate
Exploitability 8/34 · Low
Exposure 7/34 · Low