The issue can result in information leaks and local privilege escalation — and it may be impossible to patch all vulnerable devices.
A security flaw affecting Android devices using Qualcomm chips leading to information disclosure and device manipulation has been revealed by researchers. The vulnerability in question is CVE-2016- 2060, a lack of input sanitization of the “interface” parameter of the “netd” daemon, used as part of the Android Open Source Project (AOSP).
Read more at ZDNet