Qualcomm Security Flaw Impacts Android Devices, Project APIs

39

The issue can result in information leaks and local privilege escalation — and it may be impossible to patch all vulnerable devices.

A security flaw affecting Android devices using Qualcomm chips leading to information disclosure and device manipulation has been revealed by researchers. The vulnerability in question is CVE-2016- 2060, a lack of input sanitization of the “interface” parameter of the “netd” daemon, used as part of the Android Open Source Project (AOSP).

Read more at ZDNet