CVE-2016-7989

Unhandled ArrayIndexOutOfBounds exception in Android Runtime

Publish date

August 2016

Identifier

CVE-2016-7989

Manufacturer

Samsung

Product

Android

Patched

http://security.samsungmobile.com/smrupdate.html#SMR-AUG-2016

Authors

Tom Court

Description

On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually crash, rendering the device unusable until a factory reset is performed, a subset of SVE-2016-6542.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7989

 

CREST
CREST STAR
CHECK IT Health Check Service
CBEST
Cyber Essentials
CESG Certified Service
First - Improving Security Together
BSI ISO 9001 FS 581360
BSI ISO 27001 IS 553326
PCI - Approved Scanning Vendor
NCSC CCSC - Assured Service Provider