CVE-2016-2416

CVE-2016-2416 is an information-disclosure flaw in Android mediaserver where libs/gui/BufferQueueConsumer.cpp does not check android.permission.DUMP, enabling a dump request to bypass protection and obtain signatures. Affected: Mediaserver component in Android 4.x up to 4.4.4, 5.0.x up to 5.0.2, ...