CVE-2016-8441

Name of the Vulnerable Software and Affected Versions Android versions prior to the fixed version

Description The issue is caused by a buffer overflow in the hypervisor of the Android operating system. This can be exploited by a local attacker through a specially crafted directory name, set in the uid parameter, related to the WAR file name, which can be included in a POST request. The exploitation may allow the attacker to cause a denial of service.

Recommendations For Android versions prior to the fixed version, consider restricting access to the hypervisor until a patch is available. As a temporary workaround, avoid using specially crafted directory names in the uid parameter to minimize the risk of exploitation.