CVE-2016-11052
Description
An issue was discovered on Samsung mobile devices with L(5.0/5.1) software. je_free in libQjpeg.so in Qjpeg in Qt 5.5 allows memory corruption via a malformed JPEG file. The Samsung ID is SVE-2015-5110 (January 2016).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Memory corruption in Samsung mobile Qjpeg library via malformed JPEG file affects devices with Android L (5.0/5.1).
Vulnerability
The vulnerability exists in the je_free function in libQjpeg.so within the Qjpeg component of Qt 5.5 on Samsung mobile devices running Android L (5.0 and 5.1). A malformed JPEG file can trigger memory corruption. The issue was assigned Samsung ID SVE-2015-5110 [1].
Exploitation
An attacker must deliver a specially crafted JPEG file to the target device. If the file is processed by an application using the vulnerable Qjpeg library, memory corruption occurs. No authentication or special privileges are required beyond the ability to supply the malformed image.
Impact
Successful exploitation leads to memory corruption, which may result in a denial of service (application crash) or potentially be leveraged to execute arbitrary code in the context of the affected application.
Mitigation
Samsung released a security update as part of its monthly maintenance schedule in January 2016 [1]. Users should apply the latest firmware updates from Samsung. No workaround is available other than applying the patch.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Qt/Qtdescription
- Range: 5.0, 5.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- security.samsungmobile.com/securityUpdate.smsbmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.