CVE-2015-8940

Name of the Vulnerable Software and Affected Versions Android versions prior to 2016-08-05

Description The issue is caused by an integer overflow in the sound/soc/msm/qdsp6v2/q6lsm.c component of the Qualcomm operating system in Android. This can be exploited by a remote attacker using a specially crafted application to gain privileges.

Recommendations For Android versions prior to 2016-08-05, update the operating system to a version released after 2016-08-05 to resolve the issue. As a temporary workaround, consider restricting the use of the q6lsm.c component until a patch is available.