The Parcel::appendFrom function in libs/binder/Parcel.cpp in Binder in Android before 5.1.1 LMY48M does not consider parcel boundaries during identification of binder objects in an append operation, which allows attackers to obtain a different application's privileges via a crafted application, aka internal bug 17312693.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2015-10-01T00:00:00
Updated: 2024-08-06T05:56:15.700Z
Reserved: 2015-05-12T00:00:00
Link: CVE-2015-3845
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2015-10-01T00:59:25.310
Modified: 2015-10-01T18:03:46.747
Link: CVE-2015-3845
Redhat
No data.