Security Advisory

CVE-2015-3849

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-10-01 00:00:00

Last updated 2024-08-06 05:56:15

Assigner google_android

State PUBLISHED

Description

The Region_createFromParcel function in core/jni/android/graphics/Region.cpp in Region in Android before 5.1.1 LMY48M does not check the return values of certain read operations, which allows attackers to execute arbitrary code via an application that sends a crafted message to a service, aka internal bug 21585255.

← Browse all CVEs View on cve.org ↗