CVE-2017-18672
Description
An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.x) software. Because of incorrect exception handling for Intents, a local attacker can force a reboot within framework.jar. The Samsung ID is SVE-2017-8390 (May 2017).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Incorrect exception handling for Intents in Samsung Android framework.jar allows local attackers to force a system reboot on L(5.0/5.1), M(6.0), and N(7.x) devices.
Vulnerability
An issue exists in the Android framework.jar of Samsung mobile devices running L (5.0/5.1), M (6.0), and N (7.x) software. Due to incorrect exception handling for Intents, a local attacker can trigger a system reboot. The vulnerability is identified by Samsung as SVE-2017-8390 [1].
Exploitation
To exploit this vulnerability, an attacker must have local access to the device and be able to send a crafted Intent. No additional privileges or user interaction beyond local presence is required. The attacker sends a specially crafted Intent that causes the framework to mishandle an exception, leading to an uncontrolled restart of the system.
Impact
Successful exploitation results in a denial-of-service (DoS) condition: the device is forced into a reboot. This can interrupt user activity and potentially be used as a nuisance attack or as part of a chain to disable security features temporarily. No data theft or privilege escalation is reported as part of this vulnerability.
Mitigation
The official fix is included in Samsung's monthly security updates. Samsung Mobile Security updates are available through the vendor's security update portal [1]. Users should ensure their devices are updated to the latest firmware version released after May 2017.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Samsung/mobile devicesdescription
- Range: L(5.0/5.1), M(6.0), N(7.x)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- security.samsungmobile.com/securityUpdate.smsbmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.