Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Parcel::appendFrom function in libs/binder/Parcel.cpp in Binder in Android before 5.1.1 LMY48M does not consider parcel boundaries during identification of binder objects in an append operation, which allows attackers to obtain a different application's privileges via a crafted application, aka internal bug 17312693.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Android Binder组件权限许可和访问控制漏洞
Vulnerability Description
Google Chrome是美国谷歌(Google)公司开发的一款Web浏览器。Android是美国谷歌(Google)公司和开放手持设备联盟(简称OHA)共同开发的一套以Linux为基础的开源操作系统。Binder是其中的一个系统进程间通信(IPC)方式组件。 Android 5.1及之前版本的Binder组件中的libs/binder/Parcel.cpp文件中的‘Parcel::appendFrom’函数存在安全漏洞,该漏洞源于程序识别添加操作中的绑定对象时没有正确限制Parcel的边界。攻击者可借
CVSS Information
N/A
Vulnerability Type
N/A