Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-7891

CWE-362Race Condition5 documents5 sources
Severity
7.0HIGH
EPSS
0.2%
top 61.57%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Samsung Samsung Mobile
Timeline
PublishedAug 2
Latest updateMay 17

Description

Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(5.0/5.1) allows local users to trigger memory errors by leveraging definition of g2d_lock and g2d_unlock lock macros as no-ops, aka SVE-2015-4598.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages1 packages

NVDsamsung/samsung_mobile5.0, 5.1+1

🔴Vulnerability Details

3
GHSA
GHSA-59gr-vjcr-m2p7: Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(52022-05-17
CVEList
CVE-2015-7891: Race condition in the ioctl implementation in the Samsung Graphics 2D driver (aka /dev/fimg2d) in Samsung devices with Android L(52017-08-02
Project0
Hack The Galaxy: Hunting Bugs in the Samsung Galaxy S6 Edge - Project Zero2015-11-01

💥Exploits & PoCs

1
Exploit-DB
Samsung fimg2d - FIMG2D_BITBLT_BLIT ioctl Concurrency Flaw2015-10-28
CVE-2015-7891 (HIGH CVSS 7) | Race condition in the ioctl impleme | cvebase.io