Published: 07/02/2016 Updated: 14/03/2016
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 6.2 | Impact Score: 3.6 | Exploitability Score: 2.5
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

Integer overflow in the getCoverageFormat12 function in CmapCoverage.cpp in the Minikin library in Android 5.x prior to 5.1.1 LMY49G and 6.x prior to 2016-02-01 allows malicious users to cause a denial of service (continuous rebooting) via an application that triggers loading of a crafted TTF font, aka internal bug 25645298.

Affected Products

Vendor Product Versions
GoogleAndroid5.0, 5.0.1, 5.0.2, 5.1, 5.1.0, 5.1.1, 6.0, 6.0.1

Vendor Advisories

We have released a security update to Nexus devices through an over-the-air (OTA) update as part of our Android Security Bulletin Monthly Release process The Nexus firmware images have also been released to the Google Developer site Builds LMY49G or later and Android M with Security Patch Level of February 1, 2016 or later address these issues R ...

Github Repositories

#Android Vulnerability Test Suite Download from Github UPDATE 2015/12/15: AndroidVTS is currently not available in the Google Play™ store app, more info here Overview This tool was meant to show the end user the attack surface that a given device is susceptible to In implementing these checks we attempt to minimize or eliminate both false positives/false negatives with

Recent Articles

Google plugs Android vulns
The Register • Richard Chirgwin • 02 Feb 2016

Happy days if you own a Nexus

Five "critical," four "high" severity and one merely "moderate" bug make up the menu of Android security patches, which are now available for Nexus devices and will flow through to myriad other devices when it rains up instead of down.
The critical bugs relate to Broadcom and Qualcomm WiFi drivers, Android's Mediaserver, Qualcomm's performance module, and the Android debugger daemon.
Here's the advisory. One by one, the critical bugs are:
There's a Minikin library bug (CVE-2016...