CVE-2016-8438

Name of the Vulnerable Software and Affected Versions Android versions prior to the fixed version

Description The issue is caused by an integer overflow leading to a Time-of-Check-to-Time-of-Use (TOCTOU) condition in the hypervisor Peripheral Image Loader (PIL). This exposes a race condition that may be used to bypass PIL authentication. The exploitation of this issue may allow a remote attacker to cause an integer overflow, representing a race condition, which can be used to bypass PIL authentication.

Recommendations For Android versions prior to the fixed version, consider applying a patch or update that fixes the integer overflow issue in the hypervisor PIL to prevent the bypass of PIL authentication. At the moment, there is no information about a newer version that contains a fix for this vulnerability.