Denial of Service via Crafted TTF Font in Minikin Library

Denial of Service via Crafted TTF Font in Minikin Library

CVE-2016-0808 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

Integer overflow in the getCoverageFormat12 function in CmapCoverage.cpp in the Minikin library in Android 5.x before 5.1.1 LMY49G and 6.x before 2016-02-01 allows attackers to cause a denial of service (continuous rebooting) via an application that triggers loading of a crafted TTF font, aka internal bug 25645298.

Learn more about our Cis Benchmark Audit For Google Android.