The SpamCall Activity component in Telecom application on Samsung Note device L(5.0/5.1) and M(6.0) allows attackers to cause a denial of service (crash and reboot) or possibly gain privileges via a malformed serializable object.
Vulnerabilities in the SpamCall Activity components of the Samsung Telecom application can crash and reboot a device when a malformed serializable object is passed.