1662 matches found

Android Security Bulletins
added 2016/05/02 12:0 a.m., 70 views

Android Security Bulletin—May 2016

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security update to Nexus devices through an over-the-air (OTA) update. The Nexus firmware images have also been released to the Google Developer site...

CVSS 10 | AI score 10 | EPSS 0.0206
Exploits 1
UbuntuCve
added 2016/04/18 12:59 a.m., 27 views

CVE-2016-0846

libs/binder/IMemory.cpp in the IMemory Native Interface in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider the heap size, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining...

CVSS 8.4 | AI score 7.2 | EPSS 0.0118
Exploits 1 | References 3
CVE
added 2016/04/18 12:0 a.m., 47 views

CVE-2016-2422

CVE-2016-2422 describes an Android Wi‑Fi elevation vulnerability where a Wi‑Fi CA certificate could be used in an unrelated CA role, enabling privilege escalation via a crafted app to gain Signature or SignatureOrSystem privileges. Affected: Android 4.x up to 4.4.3; 5.0.x up to 5.0.1; 5.1.x up to...

CVSS 9.3 | AI score 7.5 | EPSS 0.00389
Exploits 0 | References 2 | Affected Software 1
Cvelist
added 2016/04/18 12:0 a.m., 19 views

CVE-2016-2427

The AES-GCM specification in RFC 5084, as used in Android 5.x and 6.x, recommends 12 octets for the aes-ICVlen parameter field, which might make it easier for attackers to defeat a cryptographic protection mechanism and discover an authentication key via a crafted application, aka internal bug...

AI score 5.7 | EPSS 0.00417
Exploits 0 | References 1
CVE
added 2016/04/18 12:0 a.m., 52 views

CVE-2016-0842

CVE-2016-0842 affects libstagefright’s H.264 decoder in Android 6.x prior to 2016-04-01. The root cause is improper handling of MMCO data, enabling memory corruption that could allow remote code execution or a denial of service via crafted media files. Public details specify the affected componen...

CVSS 10 | AI score 8.2 | EPSS 0.01667
Exploits 0 | References 2 | Affected Software 1
CVE
added 2016/04/18 12:0 a.m., 48 views

CVE-2016-0849

CVE-2016-0849 describes an Elevation of Privilege in Android’s Recovery Procedure due to multiple integer overflows in minzip/SysUtil.c. A local attacker could exploit a crafted application to gain Signature or SignatureOrSystem privileges. Affected versions: Android 5.0.x prior to 5.0.2, 5.1.x p...

CVSS 8.4 | AI score 7.8 | EPSS 0.00218
Exploits 0 | References 2 | Affected Software 1
Android Security Bulletins
added 2016/04/04 12:0 a.m., 59 views

Nexus Security Bulletin—April 2016

We have released a security update to Nexus devices through an over-the-air (OTA) update as part of our Android Security Bulletin Monthly Release process. The Nexus firmware images have also been released to the Google Developer site. Security Patch Levels of April 02, 2016 or later address these...

CVSS 10 | AI score 9.8 | EPSS 0.0532
Exploits 6
0day.today
added 2016/03/30 12:0 a.m., 165 views

Android 5.0.1 - Metaphor Stagefright Exploit (ASLR Bypass)

Exploit for Android platform in category remote exploits Source: https://github.com/NorthBit/Metaphor Metaphor - Stagefright with ASLR bypass By Hanan Be'er from NorthBit Ltd. Link to whitepaper: https://raw.githubusercontent.com/NorthBit/Public/master/NorthBit-Metaphor.pdf Twitter:...

CVSS 10 | AI score 6.5 | EPSS 0.87125
Exploits 6
Packet Storm
added 2016/03/18 12:0 a.m., 58 views

Grandstream Wave 1.0.1.26 Update Redirection

CVE-2016-1520: GrandStream Android VoIP App Update Redirection. Affected app: Grandstream Wave (GSWAVE) version 1.0.1.26 and probably earlier. Classification: CWE-300 Channel Accessible by Non-Endpoint (CWE300), CWE-319 Cleartext Transmission ...

CVSS 3.8 | AI score 7.8 | EPSS 0.02161
Exploits 1
Prion
added 2016/03/12 9:59 p.m., 17 views

Memory corruption

btif_config.c in Bluetooth in Android 6.x before 2016-03-01 allows remote attackers to cause a denial of service (memory corruption and persistent daemon crash) by triggering a large number of configuration entries, and consequently exceeding the maximum size of a configuration file, aka internal bu...

CVSS 3.3 | AI score 7.3 | EPSS 0.00531
Exploits 0 | References 3 | Affected Software 1
Kitploit
added 2016/03/08 9:53 p.m., 12 views

Lobotomy - Android Reverse Engineering Framework & Toolkit

Lobotomy is an Android security toolkit that will automate different Android assessments and reverse engineering tasks. The goal of the Lobotomy toolkit is to provide a console environment, which would allow a user to load their target Android APK once, then have all the necessary tools without...

AI score 7.2
Exploits 0 | References 2
The Hacker News
added 2016/02/26 6:34 a.m., 28 views

How To Keep Your Android Phone Secure

As the number of threats is on the rise, the Android platform is no longer safe, which isn't a surprise to anyone. Most of us are usually more worried about the security of our desktops or laptops and forget to think about the consequences if our smartphones are compromised or stolen. Unlike...

AI score 7.1
Exploits 0
UbuntuCve
added 2016/02/07 1:59 a.m., 32 views

CVE-2016-0805

The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25773204...

CVSS 8.4 | AI score 7.3 | EPSS 0.00435
Exploits 0 | References 2
CVE
added 2016/02/07 1:0 a.m., 69 views

CVE-2016-0805

CVE-2016-0805 affects Qualcomm ARM kernels, specifically the Qualcomm Performance Module in Android. The issue resides in the kernel function get_krait_evtinfo, which returns an index into an array used by other kernel functions; crafted input can generate a malicious index and cause a buffer ove...

CVSS 8.4 | AI score 8.2 | EPSS 0.00435
Exploits 0 | References 1 | Affected Software 1
Kitploit
added 2016/02/03 9:42 p.m., 284 views

AndroL4b - A Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis

AndroL4b is an Android security virtual machine based on Ubuntu MATE that includes a collection of the latest frameworks, tutorials and labs from different security geeks and researchers for reverse engineering and malware analysis. Tools: APKStudio, a cross-platform Qt5-based IDE for reverse-engineering...

AI score 7.5
Exploits 0 | References 10
Android Security Bulletins
added 2016/02/01 12:0 a.m., 46 views

Nexus Security Bulletin - February 2016

We have released a security update to Nexus devices through an over-the-air (OTA) update as part of our Android Security Bulletin Monthly Release process. The Nexus firmware images have also been released to the Google Developer site. Builds LMY49G or later and Android M with Security Patch Level o...

CVSS 10 | AI score 10 | EPSS 0.67465
Exploits 8
Prion
added 2016/01/06 7:59 p.m., 28 views

Code injection

The Widevine QSEE TrustZone application in Android 5.x before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to gain privileges via a crafted application that leverages QSEECOM access, aka internal bug 24446875...

CVSS 9.3 | AI score 7 | EPSS 0.0677
Exploits 3 | References 5 | Affected Software 1
ThreatPost
added 2016/01/06 4:1 p.m., 11 views

BrainTest Malicious Android Apps Removed From Google Play

Update The Brain Test mobile malware family has once again been evicted from Google Play. Known for piggy-backing on fully functioning mobile applications, the malware’s various iterations try to root Android devices, download malicious APKs and inflate the Google Play ratings of other apps writt...

AI score 0.7
Exploits 0 | References 2
Android Security Bulletins
added 2016/01/04 12:0 a.m., 72 views

Nexus Security Bulletin—January 2016

We have released a security update to Nexus devices through an over-the-air (OTA) update as part of our Android Security Bulletin Monthly Release process. The Nexus firmware images have also been released to the Google Developer site. Builds LMY49F or later and Android 6.0 with Security Patch Level...

CVSS 10 | AI score 9.6 | EPSS 0.0677
Exploits 3
android
added 2016/01/01 12:0 a.m., 30 views

CVE-2015-6640

The prctl_set_vma_anon_name function in kernel/sys.c in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 does not ensure that only one vma is accessed in a certain update action, which allows attackers to gain privileges or cause a denial of service (vma list corruption) via a crafted application,...

CVSS 9.3 | AI score 7.2 | EPSS 0.00729
Exploits 0 | References 3 | Affected Software 1