CVE-2017-0496

Name of the Vulnerable Software and Affected Versions Android versions 5.0.2, 5.1.1, 6.0, 6.0.1

Description A denial of service issue in the Setup Wizard component of the Android operating system is related to inadequate access control. This issue could allow a malicious application to cause a denial of service, potentially leading to a device becoming unusable and requiring a factory reset. The issue is estimated to be moderate in severity.

Recommendations For Android version 5.0.2, update to a fixed version or apply a recommended configuration change to mitigate the issue. For Android version 5.1.1, update to a fixed version or apply a recommended configuration change to mitigate the issue. For Android version 6.0, update to a fixed version or apply a recommended configuration change to mitigate the issue. For Android version 6.0.1, update to a fixed version or apply a recommended configuration change to mitigate the issue. As a temporary workaround, consider restricting access to the Setup Wizard component until a patch is available.