Google · Android · CVE-2016-2420
**Name of the Vulnerable Software and Affected Versions**
Android versions prior to 4.4.4
**Description**
The issue is related to the `rootdir/init.rc` function in the Android operating system, which has insufficient access control. This allows attackers to gain privileges via a crafted application. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.
**Recommendations**
For Android versions prior to 4.4.4, update to version 4.4.4 or later to resolve the issue.