1
Candidate: CVE-2016-2418
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2418
5
https://android.googlesource.com/platform/frameworks/av/+/8d87321b704cb3f88e8cae668937d001fd63d5e3
6
http://source.android.com/security/bulletin/2016-04-02.html
8
media/libmedia/IOMX.cpp in mediaserver in Android 6.x before 2016-04-01
9
does not initialize certain metadata buffer pointers, which allows
10
attackers to obtain sensitive information from process memory, and
11
consequently bypass an unspecified protection mechanism, via unspecified
12
vectors, as demonstrated by obtaining Signature or SignatureOrSystem
13
access, aka internal bug 26324358.
18
Discovered-by: Peter Pi
22
upstream_android: released (6.x 2016-04-01)
24
precise/esm_android: DNE
25
trusty_android: ignored (abandoned)
26
vivid/stable-phone-overlay_android: ignored (reached end-of-life)
27
vivid/ubuntu-core_android: DNE
28
wily_android: ignored (reached end-of-life)
29
xenial_android: ignored (abandoned)
30
yakkety_android: ignored (reached end-of-life)
31
zesty_android: ignored (reached end-of-life)