CVE-2016-0825

Name of the Vulnerable Software and Affected Versions Android 6.0.1 before 2016-03-01

Description The issue allows attackers to obtain sensitive TrustZone secure-storage information by leveraging kernel access. This can be achieved by obtaining Signature or SignatureOrSystem access. The vulnerability is related to errors in security settings of the Android operating system. Exploitation of the vulnerability may allow a remote attacker to gain access to protected TrustZone information by utilizing the kernel.

Recommendations For Android 6.0.1 before 2016-03-01, update the system to a version released after 2016-03-01 to resolve the issue. As a temporary workaround, consider restricting kernel access to minimize the risk of exploitation.