Integer Overflow in native_handle_create Function in Android

Integer Overflow in native_handle_create Function in Android

CVE-2015-1528 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Integer overflow in the native_handle_create function in libcutils/native_handle.c in Android before 5.1.1 LMY48M allows attackers to obtain a different application's privileges or cause a denial of service (Binder heap memory corruption) via a crafted application, aka internal bug 19334482.

Learn more about our Cis Benchmark Audit For Bind.