Vulnerability Details CVE-2016-11038
An issue was discovered on Samsung mobile devices with software through 2016-04-05 (incorporating the Samsung Professional Audio SDK). The Jack audio service doesn't implement access control for shared memory, leading to arbitrary code execution or privilege escalation. The Samsung ID is SVE-2016-5953 (July 2016).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 41.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2016-11038
-
cpe:2.3:h:samsung:galaxy_note_3:-
-
cpe:2.3:h:samsung:galaxy_note_4:-
-
cpe:2.3:h:samsung:galaxy_note_edge:-
-
cpe:2.3:h:samsung:galaxy_s5:-
-
cpe:2.3:h:samsung:galaxy_s6:-
-
cpe:2.3:h:samsung:galaxy_s6_edge:-
-
cpe:2.3:o:google:android:-