CVE-2016-3914

Name of the Vulnerable Software and Affected Versions Android versions 4.x through 4.4.3 Android versions 5.0.x through 5.0.1 Android versions 5.1.x through 5.1.0 Android versions 6.x before 2016-10-01 Android versions 7.0 before 2016-10-01

Description A race condition exists in the MmsProvider.java file within the Telephony component of Android, allowing attackers to gain privileges via a crafted application. This application can modify a database between two open operations.

Recommendations For Android versions 4.x through 4.4.3, update to version 4.4.4 or later. For Android versions 5.0.x through 5.0.1, update to version 5.0.2 or later. For Android versions 5.1.x through 5.1.0, update to version 5.1.1 or later. For Android versions 6.x before 2016-10-01, apply the October 2016 security patch or later. For Android versions 7.0 before 2016-10-01, apply the October 2016 security patch or later.