CVE-2014-9795

Name of the Vulnerable Software and Affected Versions Android versions prior to 2016-07-05

Description The issue is caused by an integer overflow in the app/aboot/aboot.c component of Qualcomm in Android, which allows attackers to bypass intended access restrictions. This can be achieved by using crafted start and size values. The exploitation of this issue may allow a remote attacker to bypass existing access restrictions using specially formed variable values.

Recommendations For Android versions prior to 2016-07-05, consider restricting access to the app/aboot/aboot.c component until a patch is available. As a temporary workaround, avoid using crafted start and size values that could trigger the integer overflow. At the moment, there is no information about a newer version that contains a fix for this vulnerability.