[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CVE-2017-5350: Unexpected SystemUI FC driven by arbitrary application

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: CVE-2017-5350: Unexpected SystemUI FC driven by arbitrary application
From: unlimitsec@xxxxxxxxx
Date: Thu, 12 Jan 2017 11:50:56 GMT

Description of the potential vulnerability:Lack of appropriate exception 
handling in some applications allows attackers to make a systemUI crash easily 
resulting in a possible DoS attack
Affected versions:  L(5.0/5.1), M(6.0), and N(7.0)
Disclosure status: Privately disclosed.
The patch prevents systemUI crashes by handling unexpected exceptions.

Fix:
http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017
SVE-2016-7122: Unexpected SystemUI FC driven by arbitrary application

Sincerely,

Ant-financial Light-Year Security Lab

Prev by Date: [slackware-security] bind (SSA:2017-011-01)
Next by Date: [SECURITY] [DSA 3760-1] ikiwiki security update
Previous by thread: [slackware-security] bind (SSA:2017-011-01)
Next by thread: [SECURITY] [DSA 3760-1] ikiwiki security update
Index(es):
- Date
- Thread