Back to all manufacturers
Samsung
Samsung is affected by vulnerabilities that affect all Android manufacturers in addition to those listed below.
Samsung has a FUM score of 2.81.
(json)
(json)
- CVE numbers:
- Coordinated disclosure?: true
- Categories: kernel
- Details: [talks.cam-46303]
- Discovered by: Janis Danisevskis janis@sec.t-labs.tu-berlin.de from Technische Universität Berlin [citation-needed] on: 2012-09-30 [citation-needed]
- Reported on: 2013-04-04 [citation-needed]
- Fixed on: Unknown
- Fix released on: Unknown
- Affected versions: regex:
- Affected devices:
- Affected manufacturers: Samsung [citation-needed]
- Fixed versions:
- Submission:
(json)
(json)
(json)
- CVE numbers:
- Coordinated disclosure?: true
- Categories: kernel, system
- Details: A vulnerability in a modified kernel means that a series of exploits can be used to obtain access to the Trusted Execution Environment [msm8974-pt1][archived]
- Discovered by: Gal Beniamini (laginimaineb) [msm8974-pt3][archived] on: Unknown
- Reported on: 2014-09-19 [msm8974-pt3][archived]
- Fixed on: 2014-10-01 [msm8974-pt3][archived]
- Fix released on: Unknown
- Affected versions: Crafted ROM based on 4.4.4 [msm8974-pt3][archived] regex: 4.4.4
- Affected devices: All devices using the MSM8974 SoCMSM8974 SoC [msm8974-pt3][archived]
- Affected manufacturers: Samsung [msm8974-pt3][archived], HTC [msm8974-pt3][archived], LG [msm8974-pt3][archived], Sony [msm8974-pt3][archived], OnePlus [msm8974-pt3][archived], Acer [msm8974-pt3][archived], Asus [msm8974-pt3][archived], Gionee [msm8974-pt3][archived], ZTE [msm8974-pt3][archived], Sharp [msm8974-pt3][archived], Pantech [msm8974-pt3][archived], Lenovo [msm8974-pt3][archived], Oppo [msm8974-pt3][archived], Vivo [msm8974-pt3][archived], IUNI [msm8974-pt3][archived], Hisense [msm8974-pt3][archived], Coolpad [msm8974-pt3][archived], Xiaomi [msm8974-pt3][archived], InFocus [msm8974-pt3][archived]
- Fixed versions:
- Submission: by: Daniel Carter, on: 2019-07-09
(json)
- CVE numbers: CVE-2015-3636 [avs-test-pingpong][archived]
- Coordinated disclosure?: false
- Categories:
- Details: Wen Xu and wushi of KeenTeam discovered that users allowed to create ping sockets can use them to crash the system and, on 32-bit architectures, for privilege escalation. However, by default, no users on a Debian system have access to ping sockets. [dsa-3290]
- Discovered by: Wen Xu and wushi of KeenTeam [dsa-3290] on: Unknown
- Reported on: 2015-05-08 [xda-developers-pingpongroot]
- Fixed on: Unknown
- Fix released on: Unknown
- Affected versions: regex:
- Affected devices: Samsung Galaxy S6 Edge [xda-developers-pingpongroot], HTC One (M9) [xda-developers-pingpongroot], Samsung Galaxy S6 [xda-developers-pingpongroot]
- Affected manufacturers: Samsung [xda-developers-pingpongroot], HTC [xda-developers-pingpongroot]
- Fixed versions: 5.0.2,5.1.1 [xda-developers-pingpongroot]
- Submission: by: Daniel R. Thomas, on: 2016-03-18; by: Stephan Kollmann, on: 2015-10-14
(json)
- CVE numbers: CVE-2015-7888 [projectzero-489]
- Coordinated disclosure?: true
- Categories: system
- Details: A path traversal vulnerability was found in the WifiHs20UtilityService. This service is running on a Samsung S6 Edge device, and may be present on other Samsung device models. WifiHs20UtilityService reads any files placed in /sdcard/Download/cred.zip, and unzips this file into /data/bundle. Directory traversal in the path of the zipped contents allows an attacker to write a controlled file to an arbitrary path as the system user. [citation-needed]
- Discovered by: Mark Brand [projectzeroblog-huntinggalaxy] on: 2015-07-29 [citation-needed]
- Reported on: 2015-07-29 [citation-needed]
- Fixed on: 2015-10-22 [projectzero-489]
- Fix released on: Unknown
- Affected versions: regex:
- Affected devices: Samsung S6 Edge and may be present in other Samsung device models [projectzero-489]
- Affected manufacturers: Samsung [projectzero-489]
- Fixed versions:
- Submission: by: Daniel R. Thomas, on: 2016-03-18; by: Stephan Kollmann, on: 2015-10-14
