Samsung CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Samsung CVE published 2017-01-18

CVE-2016-6527

CVE-2016-6527 affects the SmartCall Activity component in Samsung’s Telecom application on Samsung Note devices running Android L (5.0/5.1) and M (6.0). A malformed serializable object can trigger a denial of service event such as a crash or reboot, and the CVE description also notes a possible privilege-impact outcome. NVD rates the issue HIGH with CVSS 3.0 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, which mean [truncated]

HIGH Samsung CVE published 2017-01-18

CVE-2016-6526

CVE-2016-6526 is a Samsung mobile vulnerability in the Telecom application's SpamCall Activity. According to the CVE record, a malformed serializable object can cause denial of service, including crash and reboot, and may also allow privilege gain. The issue was publicly disclosed in the CVE record on 2017-01-18, with Samsung's advisory reference pointing to SMR-AUG-2016.