CVE-2015-7890

Sažetak

Multiple buffer overflows in the esa_write function in /dev/seirenin the Exynos Seiren Audio driver, as used in Samsung S6 Edge, allow local users to cause a denial of service (memory corruption) via a large (1) buffer or (2) size parameter.

Reference

http://packetstormsecurity.com/files/134106/Samsung-Seiren-Kernel-Driver-Buffer-Overflow.html
https://code.google.com/p/google-security-research/issues/detail?id=491
https://www.exploit-db.com/exploits/38556/

CVSS

Base:	4.9
Impact:	6.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

18-02-2020 - 21:24

Objavljeno

12-02-2020 - 15:15