Integer overflow in the Bitmap_createFromParcel function in core/jni/android/graphics/Bitmap.cpp in Android before 5.1.1 LMY48I allows attackers to cause a denial of service (system_server crash) or obtain sensitive system_server memory-content information via a crafted application that leverages improper unmarshalling of bitmaps, aka internal bug 19666945.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Android | * | 5.1 (including) | |
Android | Ubuntu | devel | * |
Android | Ubuntu | trusty | * |
Android | Ubuntu | vivid | * |
Android | Ubuntu | vivid/stable-phone-overlay | * |
Android | Ubuntu | wily | * |