An issue was discovered on Samsung mobile devices with JBP(4.3), KK(4.4), and L(5.0/5.1) software. Because of a misused whitelist, attackers can reach the radio layer (aka RIL or RILD) to place calls or send SMS messages. The Samsung ID is SVE-2016-5733 (May 2016).
Software | From | Fixed in |
---|---|---|
google / android | 4.3 | 4.3.x |
google / android | 4.4 | 4.4.x |
google / android | 5.0 | 5.0.x |
google / android | 5.1 | 5.1.x |