Multiple integer overflows in the GraphicBuffer::unflatten function in platform/frameworks/native/libs/ui/GraphicBuffer.cpp in Android through 5.0 allow attackers to gain privileges or cause a denial of service (memory corruption) via vectors that trigger a large number of (1) file descriptors or (2) integer values.
Max CVSS
10.0
EPSS Score
1.15%
Published
2015-02-16
Updated
2017-09-29
1 vulnerabilities found