CVE-2015-1474

Severity CVSS v4.0:
Pending analysis
Type:
CWE-189 Numeric Errors
Publication date:
16/02/2015
Last modified:
12/04/2025

Description

Multiple integer overflows in the GraphicBuffer::unflatten function in platform/frameworks/native/libs/ui/GraphicBuffer.cpp in Android through 5.0 allow attackers to gain privileges or cause a denial of service (memory corruption) via vectors that trigger a large number of (1) file descriptors or (2) integer values.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:google:android:*:*:*:*:*:*:*:* 5.0 (including)