1
Candidate: CVE-2016-2413
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2413
5
https://android.googlesource.com/platform/frameworks/av/+/25be9ac20db51044e1b09ca67906355e4f328d48
6
http://source.android.com/security/bulletin/2016-04-02.html
8
media/libmedia/IOMX.cpp in mediaserver in Android 5.0.x before 5.0.2, 5.1.x
9
before 5.1.1, and 6.x before 2016-04-01 does not initialize a handle
10
pointer, which allows attackers to gain privileges via a crafted
11
application, as demonstrated by obtaining Signature or SignatureOrSystem
12
access, aka internal bug 26403627.
17
Discovered-by: Peter Pi
21
upstream_android: released (6.x 2016-04-01)
23
precise/esm_android: DNE
24
trusty_android: ignored (abandoned)
25
vivid/stable-phone-overlay_android: ignored (reached end-of-life)
26
vivid/ubuntu-core_android: DNE
27
wily_android: ignored (reached end-of-life)
28
xenial_android: ignored (abandoned)
29
yakkety_android: ignored (reached end-of-life)
30
zesty_android: ignored (reached end-of-life)