CVE-2015-1536

Name of the Vulnerable Software and Affected Versions Android versions prior to 5.1.1 LMY48I

Description The issue is related to an integer overflow in the Bitmap createFromParcel function, which can be exploited by attackers to cause a denial of service, resulting in a system server crash, or to obtain sensitive system server memory content information. This can be achieved through a crafted application that leverages improper unmarshalling of bitmaps. The exploitation of this issue may allow a remote attacker to cause a denial of service or gain access to device memory information using a specially formed application.

Recommendations For Android versions prior to 5.1.1 LMY48I, update to version 5.1.1 LMY48I or later to resolve the issue.