CVE-2017-18678

NVD

https://nvd.nist.gov/vuln/detail/CVE-2017-18678

CWE

https://cwe.mitre.org/data/definitions/755.html

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. An attacker can crash system processes via a Serializable object because of missing exception handling. The Samsung IDs are SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, and SVE-2017-8119 (April 2017).

Weakness

The product does not handle or incorrectly handles an exceptional condition.

Affected Software

Name	Vendor	Start Version	End Version
Android	Google	4.4 (including)	4.4 (including)
Android	Google	5.0 (including)	5.0 (including)
Android	Google	5.1 (including)	5.1 (including)
Android	Google	6.0 (including)	6.0 (including)
Android	Google	7.0 (including)	7.0 (including)
Android	Google	7.1.0 (including)	7.1.0 (including)
Android	Google	7.1.1 (including)	7.1.1 (including)
Android	Google	7.1.2 (including)	7.1.2 (including)

References

https://security.samsungmobile.com/securityUpdate.smsb
https://security.samsungmobile.com/securityUpdate.smsb

Improper Handling of Exceptional Conditions

Weakness

Affected Software

References