Back to search
CVE-2016-0828
Published: Mar 12, 2016
Modified: Aug 5, 2024
PUBLISHED
Description
The BnGraphicBufferConsumer::onTransact function in libs/gui/IGraphicBufferConsumer.cpp in mediaserver in Android 5.x before 5.1.1 LMY49H and 6.x before 2016-03-01 does not initialize a certain slot variable, which allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, by triggering an ATTACH_BUFFER action, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26338113.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
84261
vdb-entry
x_refsource_BID
http://source.android.com/security/bulletin/2016-03-01.html
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now