CVE-2016-8398

Name of the Vulnerable Software and Affected Versions Android versions prior to the fixed version

Description The issue is related to unauthenticated messages being processed by the UE, specifically when certain NAS messages are processed without an existing EPS security context. This could potentially allow a remote attacker to compromise the confidentiality, integrity, and availability of protected information using specially crafted NAS messages.

Recommendations For Android versions prior to the fixed version, consider implementing additional security measures to restrict the processing of unauthenticated NAS messages until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.