CVE-2016-11029
https://notcve.org/view.php?id=CVE-2016-11029
An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.0) software. Attackers can read the password of the Mobile Hotspot in the log because of an unprotected intent. The Samsung ID is SVE-2016-7301 (December 2016). Se detectó un problema en dispositivos móviles Samsung con versiones de software L(5.0/5.1), M(6.0) y N(7.0). Los atacantes pueden leer la contraseña del Mobile Hotspot en el registro debido a un intent desprotegido. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-522: Insufficiently Protected Credentials •
CVE-2016-11030
https://notcve.org/view.php?id=CVE-2016-11030
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) (with Hrm sensor support) software. The sysfs of the MAX86902 sensor driver does not prevent concurrent access, leading to a race condition and resultant heap-based buffer overflow. The Samsung ID is SVE-2016-7341 (December 2016). Se detectó un problema en dispositivos móviles Samsung con versiones de software KK(4.4), L(5.0/5.1) y M(6.0) (con soporte de sensor Hrm). El sysfs del controlador del sensor MAX86902 no impide el acceso concurrente, conllevando una condición de carrera y un desbordamiento del búfer en la región heap de la memoria resultante. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-787: Out-of-bounds Write •
CVE-2016-11031
https://notcve.org/view.php?id=CVE-2016-11031
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. AntService allows a system_server crash and reboot. The Samsung ID is SVE-2016-7044 (November 2016). Se detectó un problema en dispositivos móviles Samsung con versiones de software KK(4.4), L(5.0/5.1) y M(6.0). AntService permite un bloqueo y reinicio de system_server. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-20: Improper Input Validation •
CVE-2016-11034
https://notcve.org/view.php?id=CVE-2016-11034
An issue was discovered on Samsung mobile devices with L(5.0/5.1) and M(6.0) software. The decode function in Qjpeg in Qt 5.7 allows attackers to trigger a system crash via a malformed image. The Samsung ID is SVE-2016-6560 (October 2016). Se detectó un problema en dispositivos móviles Samsung con versiones de software L(5.0/5.1) y M(6.0). La función decode en Qjpeg en Qt versión 5.7, permite a atacantes activar un bloqueo del sistema por medio de una imagen malformada. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-755: Improper Handling of Exceptional Conditions •
CVE-2016-11039
https://notcve.org/view.php?id=CVE-2016-11039
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) (AP + CP MDM9x35, or Qualcomm Onechip) software. There is a NULL pointer dereference issue in the IPC socket code. The Samsung ID is SVE-2016-5980 (July 2016). Se detectó un problema en dispositivos móviles Samsung con versiones de software KK(4.4), L(5.0/5.1) y M(6.0) (AP + CP MDM9x35 o Qualcomm Onechip). Se presenta un problema de desreferencia del puntero NULL en el código de socket IPC. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-476: NULL Pointer Dereference •