Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
Multiple integer overflows in the GraphicBuffer::unflatten function in platform/frameworks/native/libs/ui/GraphicBuffer.cpp in Android through 5.0 allow attackers to gain privileges or cause a denial of service (memory corruption) via vectors that trigger a large number of (1) file descriptors or (2) integer values.
- http://packetstormsecurity.com/files/130778/Google-Android-Integer-Oveflow-Heap-Corruption.html
- http://seclists.org/fulldisclosure/2015/Mar/63
- https://github.com/VERFLY/SecurityScanner
- https://github.com/p1gl3t/CVE-2015-1474_poc