CVE-2016-3748

Name of the Vulnerable Software and Affected Versions Android versions prior to 2016-07-01

Description The issue is related to the sockets subsystem in Android, which has inadequate access control. This can be exploited by a remote attacker using a specially crafted application to bypass system-call restrictions by making an ioctl call.

Recommendations For Android versions prior to 2016-07-01, consider restricting access to the ioctl call until a patch is available. As a temporary workaround, avoid using the ioctl function in affected applications to minimize the risk of exploitation.