Heisecode

**Name of the Vulnerable Software and Affected Versions** Android versions Kernel-3.10 **Description** An information disclosure issue in the camera driver could allow a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. **Recommendations** For Android versions Kernel-3.10, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Android versions prior to 2016-08-05 **Description** The issue is related to the ION driver in the Android operating system, which has inadequate access control. This can be exploited by an attacker to gain privileges via a crafted application. The estimated number of potentially affected devices is not specified. **Recommendations** For Android versions prior to 2016-08-05, update the operating system to a version released after 2016-08-05 to resolve the issue. As a temporary workaround, consider restricting the use of the ION driver until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Apple OS X versions prior to 10.11.5 **Description** The issue allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. It is caused by a buffer overflow in the IOFireWireFamily component. **Recommendations** For versions prior to 10.11.5, update to version 10.11.5 or later to resolve the issue. As a temporary workaround, consider restricting the use of the IOFireWireFamily component until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Android versions 4.x through 4.4.3 Android versions 5.0.x through 5.0.1 Android versions 5.1.x through 5.1.0 Android versions 6.x before 2016-05-01 **Description** The issue is related to the mediaserver in Android, which does not initialize certain data structures correctly. This allows attackers to obtain sensitive information via a crafted application. The problem is associated with the `IGraphicBufferConsumer.cpp` and `IGraphicBufferProducer.cpp` objects. **Recommendations** For Android versions 4.x through 4.4.3, update to version 4.4.4 or later. For Android versions 5.0.x through 5.0.1, update to version 5.0.2 or later. For Android versions 5.1.x through 5.1.0, update to version 5.1.1 or later. For Android versions 6.x before 2016-05-01, ensure that the device is updated to a version released on or after 2016-05-01.

**Name of the Vulnerable Software and Affected Versions** Android versions 4.x through 4.4.3 Android versions 5.0.x through 5.0.1 Android versions 5.1.x through 5.1.0 Android versions 6.x before 2016-05-01 **Description** The issue is related to the mediaserver in Android, which does not initialize certain data structures correctly. This allows attackers to obtain sensitive information via a crafted application. The problem is associated with the IGraphicBufferConsumer.cpp and IGraphicBufferProducer.cpp objects. **Recommendations** For Android versions 4.x through 4.4.3, update to version 4.4.4 or later. For Android versions 5.0.x through 5.0.1, update to version 5.0.2 or later. For Android versions 5.1.x through 5.1.0, update to version 5.1.1 or later. For Android versions 6.x before 2016-05-01, ensure that the device is updated to a version released on or after 2016-05-01.

**Name of the Vulnerable Software and Affected Versions** Android versions prior to 2016-04-01 **Description** The issue concerns a component of the Android operating system, specifically the media/libmedia/IDrm.cpp in the mediaserver. It does not properly initialize a certain key-request data structure. This can be exploited by a remote attacker to obtain sensitive information from process memory, thereby bypassing an unspecified protection mechanism. The exploitation can be achieved via unspecified vectors, potentially allowing attackers to gain Signature or SignatureOrSystem access. **Recommendations** For Android versions prior to 2016-04-01, update the operating system to a version released after 2016-04-01 to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and limiting the use of the mediaserver to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Android versions prior to 2016-04-01 patchday **Description** The issue is caused by a buffer overflow in the media/libmedia/IOMX.cpp component of the mediaserver in the Android operating system. This can allow a remote attacker to obtain confidential information or bypass protection mechanisms. The vulnerability can be exploited to gain access to sensitive information from process memory, potentially allowing attackers to bypass an unspecified protection mechanism. **Recommendations** For Android versions prior to 2016-04-01 patchday: Apply the patch from the 2016-04-01 patchday to resolve the issue. As a temporary workaround, consider restricting access to the mediaserver component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Android versions 5.0.0 through 5.0.1 Android versions 5.1.0 through 5.1.0 Android versions 6.0.0 through 2016-03-31 **Description** The issue exists due to the lack of validation for negative font property values in the Minikin library of the Android operating system. Exploitation of this issue can allow a local attacker to cause a denial of service (memory corruption) using a specially crafted font. Remote attackers can also cause a denial of service (memory corruption and reboot loop) via a crafted font. **Recommendations** For Android versions 5.0.0 through 5.0.1, update to version 5.0.2 or later. For Android versions 5.1.0 through 5.1.0, update to version 5.1.1 or later. For Android versions 6.0.0 through 2016-03-31, apply the patch available as of 2016-04-01.

**Name of the Vulnerable Software and Affected Versions** Android versions 5.0.x through 5.0.1 Android versions 5.1.x through 5.1.0 Android versions 6.x before 2016-04-01 **Description** The issue is related to insufficient access control in the media/libmedia/IOMX.cpp component of the mediaserver in the Android operating system. Exploitation of this issue may allow a remote attacker to elevate their privileges using a specially crafted application. This can potentially allow attackers to gain privileges, such as obtaining Signature or SignatureOrSystem access. **Recommendations** For Android versions 5.0.x through 5.0.1, update to version 5.0.2 or later. For Android versions 5.1.x through 5.1.0, update to version 5.1.1 or later. For Android versions 6.x before 2016-04-01, ensure that the patch level is 2016-04-01 or later.

**Name of the Vulnerable Software and Affected Versions** Android versions prior to 5.1.1 LMY49H Android 6.x versions prior to 2016-03-01 **Description** The issue exists due to the lack of initialization of a certain type of variable in the BnGraphicBufferConsumer::onTransact function. This allows a remote attacker to bypass protection mechanisms or obtain confidential information by triggering an ATTACH BUFFER action. **Recommendations** For Android versions prior to 5.1.1 LMY49H, update to version 5.1.1 LMY49H or later. For Android 6.x versions prior to 2016-03-01, update to a version released after 2016-03-01. As a temporary workaround, consider restricting access to the BnGraphicBufferConsumer::onTransact function until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Android versions prior to 4.4.4 Android versions 5.x prior to 5.1.1 LMY49H Android versions 6.x before 2016-03-01 **Description** The issue is caused by multiple integer overflows in the libeffects library in the mediaserver component of the Android operating system. This allows attackers to gain privileges via a crafted application, potentially obtaining Signature or SignatureOrSystem access. The issue is related to the EffectBundle.cpp and EffectReverb.cpp files. **Recommendations** For Android versions prior to 4.4.4, update to version 4.4.4 or later. For Android versions 5.x prior to 5.1.1 LMY49H, update to version 5.1.1 LMY49H or later. For Android versions 6.x before 2016-03-01, update to a version released on or after 2016-03-01.