CVE-2015-3842

Android < 5.1.1 LMY48I - Remote Code Execution via Crafted Application in libeffects

Title source: llm
STIX 2.1

Description

Multiple heap-based buffer overflows in libeffects in the Audio Policy Service in mediaserver in Android before 5.1.1 LMY48I allow attackers to execute arbitrary code via a crafted application, aka internal bug 21953516.

Scores

EPSS 0.0144
EPSS Percentile 70.0%

Details

CWE
CWE-119
Status published
Products (1)
google/android < 5.1
Published Oct 01, 2015
Tracked Since Feb 18, 2026