Samsung SystemUI fimg2d driver suffers from a null pointer dereference vulnerability.
5078f08a5818485da8db3f5b0d45965d8daf96f6c90003d8eae14f1610f7bba2
Hi,
Description of the potential vulnerability:
SVE-2016-6248: SystemUI Security issue
Severity: Medium
Affected versions: L(5.0/5.1), M(6.0) devices with Exynos7420 chipset
Reported on: June 7, 2016
Disclosure status: Privately disclosed.
The vulnerability exists due to a null pointer dereference on fimg2d driver.
The patch verifies if the object is null before dereferencing it.
Fix:
http://security.samsungmobile.com/smrupdate.html#SMR-SEP-2016
SVE-2016-6248: SystemUI Security issue
I report this to samsung, samsung reply to us if I want to get CVE request
it by ourself.
Best regards,
Zhaozhanpeng(0xr0ot) of Cheetah Mobile.