CVE-2015-1528

Severity Level: Medium
AppRisk Coverage: Yes
Type: Vulnerability
OWASP: M4: Unintended Data Leakage
Aliases:

• Elevation of Privilege Vulnerability in Binder

Platform: Android
File size (bytes): N/A
Filename: N/A
App title: N/A
MD5 Hash: N/A
SHA1 hash: N/A
Affected CVE:

• CVE-2015-1528

Details or analysis:

This is a privilege escalation vulnerability. Once exploited, it could give a malicious application or individual control and access of the vulnerable device.

The specific flaw is an integer overflow vulnerability in the “native_handle_create” function in “libcutils/native_handle.c” in Android before 5.1.1.

For more information, see the reference links.

Reference:

• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1528
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1528