commit | 04f363e187e3fc223fb0953f8e219ca6b8e7142d | [log] [tgz] |
---|---|---|
author | Teow Wan Yee <wy.teow@hi-p.com> | Tue Oct 11 10:33:52 2016 +0800 |
committer | Teemu Hukkanen <teemu@fairphone.com> | Sat Nov 19 12:25:14 2016 +0100 |
tree | 570a19dfa5ef552861ab4c4700f7195bea0e6319 | |
parent | f24cec326f5f65c693544fb0b92c37f633bacda2 [diff] |
FPII-2480: Elevation of privilege vulnerability in Framework APIs CVE-2016-6715 A-29833954 An app can inject media keys, which allows an application to pick up the phone while it is ringing. This enables an attacker to call the device, have the malicious application pick up the phone, and thus enable the attacker to listen to the users conversation without their consent. Change-Id: I82de50a85367ab4f91c770a6a3b309c200bb0b1a