Lucene search

Ubuntu.comUB:CVE-2015-1528

HistoryOct 01, 2015 - 12:00 a.m.

CVE-2015-1528

2015-10-0100:00:00

ubuntu.com

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

36.3%

JSON

Integer overflow in the native_handle_create function in
libcutils/native_handle.c in Android before 5.1.1 LMY48M allows attackers
to obtain a different application’s privileges or cause a denial of service
(Binder heap memory corruption) via a crafted application, aka internal bug
19334482.

Notes

Author	Note
mdeslaur	need to check if used

References

android.googlesource.com/platform/frameworks/native/+/7dcd0ec9c91688cfa3f679804ba6e132f9811254

android.googlesource.com/platform/system/core/+/e8c62fb484151f76ab88b1d5130f38de24ac8c14

groups.google.com/forum/message/raw?msg=android-security-updates/1M7qbSvACjo/Y7jewiW1AwAJ

launchpad.net/bugs/cve/CVE-2015-1528

nvd.nist.gov/vuln/detail/CVE-2015-1528

security-tracker.debian.org/tracker/CVE-2015-1528

www.cve.org/CVERecord?id=CVE-2015-1528

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

36.3%

JSON

Related for UB:CVE-2015-1528