CVE-2016-0826 — Vulnetix

Try Vulnetix Request Demo

CVE-2016-0826 PUBLISHED

libcameraservice in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 does not require use of the ICameraService::dump method for a camera service dump, which allows attackers to gain privileges via a crafted application that directly dumps, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 26265403.

EPSS 0.07% · 20.6th percentile

Risk Scores

EPSS Score

0.07%

20.6th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:16.04:LTS	android	0, 20150818-1500-0ubuntu2, 20150818-1500-0ubuntu3

Timeline

Mar 8, 2016 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2016-0826 third-party-advisory
http://source.android.com/security/bulletin/2016-03-01.html third-party-advisory
https://android.googlesource.com/platform/frameworks/av/+/899823966e78552bb6dfd7772403a4f91471d2b0 third-party-advisory
https://android.googlesource.com/platform/frameworks/av/+/c9ab2b0bb05a7e19fb057e79b36e232809d70122 third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2016-0826 third-party-advisory

Open in Interactive Console →