Google · Android · CVE-2015-1528
**Name of the Vulnerable Software and Affected Versions**
Android versions prior to 5.1.1 LMY48M
**Description**
The issue is related to an integer overflow in the `native handle create` function, which can be exploited by attackers to obtain different application's privileges or cause a denial of service, resulting in Binder heap memory corruption. This can be achieved via a crafted application.
**Recommendations**
For Android versions prior to 5.1.1 LMY48M, update to version 5.1.1 LMY48M or later to resolve the issue. As a temporary workaround, consider restricting the use of the `native handle create` function until a patch is available.