CVE-2016-3914
CVE-2016-3914 describes a race condition in Telephony’s MmsProvider.java that could let a local attacker escalate privileges by crafting an app to manipulate the Telephony database between two open operations. Affected platforms include Android 4.x up to 4.4.4, 5.0.x up to 5.0.2, 5.1.x up to 5.1....