CVE-2016-2567

secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 Note 3 and SM-G920F build G920FXXU2COH2 Galaxy S6 devices allows attackers to bypass URL filtering by inserting an "exceptional URL" in the query string, as demonstrated by the...

CVE-2016-2567

secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 Note 3 and SM-G920F build G920FXXU2COH2 Galaxy S6 devices allows attackers to bypass URL filtering by inserting an "exceptional URL" in the query string, as demonstrated by the...

Null pointer dereference

The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 Note 3 and SM-G920F build G920FXXU2COH2 Galaxy S6 devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request, aka SVE-2016-5036...

CVE-2016-2036

The CVE-2016-2036 entry concerns the getURL function in drivers/secfilter/urlparser.c within the Samsung kernel’s secfilter component for Android on SM-N9005 (Note 3) and SM-G920F (Galaxy S6). The underlying issue is a NULL pointer dereference triggered by a crafted GET HTTP/1.1 request (SVE-2016...

CVE-2016-2567

Affected products/component: Samsung Android kernel on SM-N9005 (Note 3) and SM-G920F (Galaxy S6); vulnerable component: secfilter URL filtering plugin. Root cause: input validation vulnerability in secfilter enabling bypass of URL filtering by inserting an "exceptional URL" in the query string. ...

CVE-2016-4032

CVE-2016-4032 concerns Samsung devices (Galaxy S6, Note 3, Galaxy S4 variants) where AT commands can be executed because the devices do not block AT+USBDEBUG and AT+WIFIVALUE when connected to a Linux host. The issue enables an attacker with AT access to modify Android settings on affected builds...