2 matches found
Android-libcutils library integer overflow leading to heap damage vulnerability discovery and exploit-vulnerability warning-the black bar safety net
Before reading this article, you best understand the Android Binder mechanism, for graphics system BufferQueue principle, the heap Manager jemalloc the basic principles. This article describes how to use the libcutils library stack damage vulnerability get systemserver permissions, this...
CVE-2015-1474
CVE-2015-1474 affects Android up to version 5.0, specifically the GraphicBuffer::unflatten function in platform/frameworks/native/libs/ui/GraphicBuffer.cpp. The vulnerability arises from multiple integer overflows that can be triggered by inputs with a large number of file descriptors or large in...