CVE-2016-0811

Name of the Vulnerable Software and Affected Versions Android versions prior to 2016-02-01

Description The issue is caused by an integer overflow in the BnCrypto::onTransact function, allowing attackers to obtain sensitive information and bypass an unspecified protection mechanism by triggering an improper size calculation. This can be exploited to obtain Signature or SignatureOrSystem access.

Recommendations For Android versions prior to 2016-02-01, update to a version released after 2016-02-01 to resolve the issue. As a temporary workaround, consider restricting access to the BnCrypto::onTransact function to minimize the risk of exploitation.