Google Rolls Out Fixes for High-Severity Android System Flaws

Google has released patches addressing high-severity flaws in its System component. The flaws could be remotely exploited to gain access to additional permissions. Overall, 50 flaws were patched as part of Google’s October security update for the Android operating system, released on Monday. As...

Google Android runtime elevation of privilege vulnerability (CNVD-2020-46269)

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. Android runtime is one of the runtime environments. A security vulnerability exists in Android runtime in Android version 10. The vulnerability can be exploited by an attacker to elevat...

Google Android runtime information disclosure vulnerability

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. Android runtime is one of the runtime environments. A security vulnerability exists in Android runtime in Android version 10. The vulnerability can be exploited by an attacker to obtain...

Pixel Update Bulletin—June 2020Stay organized with collectionsSave and categorize content based on your preferences.

The Pixel Update Bulletin contains details of security vulnerabilities and functional improvements affecting supported Pixel devices Google devices. For Google devices, security patch levels of 2020-06-05 or later address all issues in this bulletin and all issues in the June 2020 Android Securit...

Google Android Runtime Elevation of Privilege Vulnerability (CNVD-2018-26250)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, and Android runtime ART is the runtime environment of the Android system. An elevation of privilege vulnerability exists in Android Runtime in Android. An attacker can exploit the...

Google Android Runtime Remote Code Execution Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA for short. Android runtime ART is the runtime environment for Android. A remote code execution vulnerability exists in Android Runtime in Android. A remote attacker can exploit the...

Google Android Runtime Elevation of Privilege Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA for short. Android Runtime ART is the runtime environment of the Android system. An elevation of privilege vulnerability exists in ART in Android. A remote attacker can exploit thi...

CVE-2017-13156

An elevation of privilege vulnerability in the Android system art. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-64211847...

CVE-2017-0780

CVE-2017-0780 is a DoS in Android's runtime (FrameSequenceDrawable) triggered when processing GIF-based frames in MMS. The root cause is a Null Pointer Exception path: acquireAndValidateBitmap can accept a null or invalid Bitmap from a custom FrameSequenceDrawable.BitmapProvider, leading to an NP...

Google Android Runtime Denial of Service Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, of which Runtime android messenger is a communication component. A denial of service vulnerability exists in Runtime android messenger in Android. A remote attacker can exploit th...

CVE-2016-0959

Use after free vulnerability in Adobe Flash Player Desktop Runtime before 20.0.0.267, Adobe Flash Player Extended Support Release before 18.0.0.324, Adobe Flash Player for Google Chrome before 20.0.0.267, Adobe Flash Player for Microsoft Edge and Internet Explorer 11 before 20.0.0.267, Adobe Flas...

CVE-2016-6703

A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This...

UBUNTU-CVE-2016-6703

A remote code execution vulnerability in an Android runtime library in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker using a specially crafted payload to execute arbitrary code in the context of an unprivileged process. This...

Google Android Runtime Library Remote Code Execution Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA, and Android runtime ART is the runtime environment of the Android system. A remote code execution vulnerability exists in ART in Android. An attacker can exploit the vulnerability...

Design/Logic Flaw

On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually...

Design/Logic Flaw

Adobe AIR SDK & Compiler before 23.0.0.257 on Windows does not support Android runtime-analytics transport security, which might allow remote attackers to obtain sensitive information by leveraging access to a network over which analytics data is sent...

CVE-2015-3865

The Runtime subsystem in Android before 5.1.1 LMY48T allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 23050463...

Google Patches Stagefright 2.0 in Android OTA Nexus Update

Google today patched the latest round of Stagefright vulnerabilities in Android, pushing them out as part of its latest over-the-air update to Nexus devices. Stagefright 2.0, as it’s come to be known, affected the Stagefright media playback engine in Android and one billion devices dating back to...