PT-2016-4054 · Google · Nexus 5+2
Published
2016-07-11
·
Updated
2016-11-28
·
CVE-2015-8890
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Android versions prior to 2016-07-05 on Nexus 5 and 7 (2013) devices
Description
The issue concerns a lack of validation for certain GUID Partition Table (GPT) data in the
partition parser.c file within the Qualcomm components of Android. This allows attackers to bypass intended access restrictions by using a crafted MultiMediaCard (MMC).Recommendations
For Android versions prior to 2016-07-05 on Nexus 5 and 7 (2013) devices, update the Android version to a newer one released after 2016-07-05 to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android
Nexus 5
Nexus 7