3 matches found
CVE-2015-1528
Integer overflow in the nativehandlecreate function in libcutils/nativehandle.c in Android before 5.1.1 LMY48M allows attackers to obtain a different application's privileges or cause a denial of service Binder heap memory corruption via a crafted application, aka internal bug 19334482...
CVE-2015-1528
CVE-2015-1528 is an Android local vulnerability: integer overflow in libcutils/native_handle.c:native_handle_create can allow a crafted app to escalate privileges or trigger Binder heap memory corruption (DoS) on Android versions prior to 5.1.1 LMY48M. The issue is tied to internal bug 19334482. ...
Android-libcutils library integer overflow leading to heap damage vulnerability discovery and exploit-vulnerability warning-the black bar safety net
Before reading this article, you best understand the Android Binder mechanism, for graphics system BufferQueue principle, the heap Manager jemalloc the basic principles. This article describes how to use the libcutils library stack damage vulnerability get systemserver permissions, this...