CVE-2016-2417

CRITICAL

Google Android - Access Control

Title source: rule

Description

media/libmedia/IOMX.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not initialize a parameter data structure, which allows attackers to obtain sensitive information from process memory, and consequently bypass an unspecified protection mechanism, via unspecified vectors, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26914474.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Google Security Research · textdosandroid

https://www.exploit-db.com/exploits/39685

View Code ZIP pw:eip

References (3)

[Patch] https://android.googlesource.com/platform/frameworks/av/+/1171e7c047bf79e7c93342bb6a812c9edd86aa84

[Vendor Advisory] http://source.android.com/security/bulletin/2016-04-02.html

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/39685/

Scores

CVSS v3 9.8

EPSS 0.1316

EPSS Percentile 94.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-264

Status published

Products (22)

google/android 4.0

google/android 4.0.1

google/android 4.0.2

google/android 4.0.3

google/android 4.0.4

google/android 4.1

google/android 4.1.2

google/android 4.2

google/android 4.2.1

google/android 4.2.2

... and 12 more

Published Apr 18, 2016

Tracked Since Feb 18, 2026