CVE-2015-3863
Published: 1 October 2015
Multiple integer overflows in the Blob class in keystore/keystore.cpp in Keystore in Android before 5.1.1 LMY48M allow attackers to execute arbitrary code and read arbitrary Keystore keys via an application that uses a crafted blob in an insert operation, aka internal bug 22802399.
Notes
| Author | Note |
|---|---|
| mdeslaur | need to check if used |
| sbeattie | incorrect check for Blob max length |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
android Launchpad, Ubuntu, Debian |
artful |
Does not exist
|
| bionic |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
(trusty was ignored [abandoned])
|
|
| upstream |
Needs triage
|
|
| vivid |
Ignored
(end of life)
|
|
| wily |
Ignored
(end of life)
|
|
| xenial |
Ignored
(abandoned)
|
|
| yakkety |
Ignored
(end of life)
|
|
| zesty |
Ignored
(end of life)
|
References
- https://android.googlesource.com/platform/system/security/+/bb9f4392c2f1b11be3acdc1737828274ff1ec55b
- https://groups.google.com/forum/#!topic/android-security-updates/iv1BF0f0XY4
- https://android.googlesource.com/platform/system/security/+/0d5935262dbbcaf2cf6145529ffd71a728ef4609%5E!/#F0
- https://www.cve.org/CVERecord?id=CVE-2015-3863
- NVD
- Launchpad
- Debian