CVE-2018-14745

Buffer overflow in protgetringspace in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker who has obtained code execution on the Wi-Fi chip to overwrite kernel memory due to improper validation of the ring buffer read pointer. The Samsung ID is...

CVE-2018-14745

CVE-2018-14745 affects the bcmdhd4358 Wi‑Fi driver in the Samsung Galaxy S6 (SM-G920F). The flaw is a buffer overflow in prot_get_ring_space caused by improper validation of the ring buffer read pointer, enabling an attacker who already has code execution on the Wi‑Fi chip to overwrite kernel mem...

CVE-2018-14854

Buffer overflow in dhdbusflowringdeleteresponse in drivers/net/wireless/bcmdhd4358/dhdpcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker who has obtained code execution on the Wi-Fi chip to cause the device driver to perform invalid memory...

CVE-2018-14856

CVE-2018-14856 affects the Samsung Galaxy S6 SM-G920F with the bcmdhd4358 Wi‑Fi driver. The issue is a buffer overflow in dhd_bus_flow_ring_create_response (file drivers/net/wireless/bcmdhd4358/dhd_pcie.c). If an attacker already has code execution on the Wi‑Fi chip, this can cause invalid memory...

CVE-2016-2567

secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 Note 3 and SM-G920F build G920FXXU2COH2 Galaxy S6 devices allows attackers to bypass URL filtering by inserting an "exceptional URL" in the query string, as demonstrated by the...

CVE-2016-2565

Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 Galaxy S6 devices allows attackers to read sent e-mail messages, aka SVE-2015-5081...

Null pointer dereference

The getURL function in drivers/secfilter/urlparser.c in secfilter in the Samsung kernel for Android on SM-N9005 build N9005XXUGBOB6 Note 3 and SM-G920F build G920FXXU2COH2 Galaxy S6 devices allows attackers to trigger a NULL pointer dereference via a "GET HTTP/1.1" request, aka SVE-2016-5036...

Code injection

Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 Galaxy S6 devices allows attackers to read sent e-mail messages, aka SVE-2015-5081...

Sql injection

Samsung SecEmailSync on SM-G920F build G920FXXU2COH2 Galaxy S6 devices has SQL injection, aka SVE-2015-5081...

CVE-2016-4032

CVE-2016-4032 concerns Samsung devices (Galaxy S6, Note 3, Galaxy S4 variants) where AT commands can be executed because the devices do not block AT+USBDEBUG and AT+WIFIVALUE when connected to a Linux host. The issue enables an attacker with AT access to modify Android settings on affected builds...

CVE-2016-2566

The CVE-2016-2566 entry concerns Samsung SecEmailSync on Galaxy S6 (SM-G920F, build G920FXXU2COH2). Connected documents confirm a SQL injection in the SecEmailSync plugin (SVE-2015-5081). Reported impact in CNVD sources states an attacker could exploit this to read e-mails; the CNVD-2017-07204 en...

CVE-2016-2565

The connected records corroborate that Samsung SecEmailSync on the Galaxy S6 (Samsung SM-G920F, build G920FXXU2COH2) contains a vulnerability class in the SecEmailSync plugin. CNVD entries describe two concrete issues: (1) CVE-2016-2565/2566 family in SecEmailSync, with an SQL injection vector (S...

CVE-2016-2036

The CVE-2016-2036 entry concerns the getURL function in drivers/secfilter/urlparser.c within the Samsung kernel’s secfilter component for Android on SM-N9005 (Note 3) and SM-G920F (Galaxy S6). The underlying issue is a NULL pointer dereference triggered by a crafted GET HTTP/1.1 request (SVE-2016...

CVE-2016-2567

Affected products/component: Samsung Android kernel on SM-N9005 (Note 3) and SM-G920F (Galaxy S6); vulnerable component: secfilter URL filtering plugin. Root cause: input validation vulnerability in secfilter enabling bypass of URL filtering by inserting an "exceptional URL" in the query string. ...