CVE-2015-3833

Name of the Vulnerable Software and Affected Versions Android versions prior to 5.1.1 LMY48I

Description The issue is related to the getRunningAppProcesses function, which has inadequate access control. This allows attackers to bypass intended getRecentTasks restrictions and discover the name of the foreground application via a crafted application. The vulnerability can be exploited by a remote attacker to obtain information about running processes.

Recommendations For Android versions prior to 5.1.1 LMY48I, update to version 5.1.1 LMY48I or later to resolve the issue. As a temporary workaround, consider restricting access to the getRunningAppProcesses function until a patch is available.