4 matches found
Google Awards Record $112,500 Bounty for Android Exploit Chain
Prolific bug hunter Guang Gong has earned the highest-ever payout for a vulnerability in the history of Google’s Android Security Rewards program, which began in 2015. He earned a combined $112,500 for the disclosure of an Android exploit chain impacting Google’s Pixel handset that could allow an...
CVE-2017-14904
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a crafted binder request can cause an arbitrary unmap in MediaServer...
CVE-2017-14904
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a crafted binder request can cause an arbitrary unmap in MediaServer...
CVE-2017-14904
CVE-2017-14904 affects Android’s libgralloc/MediaServer path. A crafted binder request can cause an arbitrary unmap in MediaServer, enabling sandbox escape and, per ThreatPost, could allow code injection into system_server via a malicious URL in Chrome. Exploitation details in sources describe an...