[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CVE-2017-5350: Unexpected SystemUI FC driven by arbitrary application



Description of the potential vulnerability:Lack of appropriate exception handling in some applications allows attackers to make a systemUI crash easily resulting in a possible DoS attack
Affected versions:  L(5.0/5.1), M(6.0), and N(7.0)
Disclosure status: Privately disclosed.
The patch prevents systemUI crashes by handling unexpected exceptions.

Fix:
http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017
SVE-2016-7122: Unexpected SystemUI FC driven by arbitrary application

Sincerely,

Ant-financial Light-Year Security Lab