CVE-2016-0827

Name of the Vulnerable Software and Affected Versions Android versions prior to 4.4.4 Android versions 5.x prior to 5.1.1 LMY49H Android versions 6.x before 2016-03-01

Description The issue is caused by multiple integer overflows in the libeffects library in the mediaserver component of the Android operating system. This allows attackers to gain privileges via a crafted application, potentially obtaining Signature or SignatureOrSystem access. The issue is related to the EffectBundle.cpp and EffectReverb.cpp files.

Recommendations For Android versions prior to 4.4.4, update to version 4.4.4 or later. For Android versions 5.x prior to 5.1.1 LMY49H, update to version 5.1.1 LMY49H or later. For Android versions 6.x before 2016-03-01, update to a version released on or after 2016-03-01.