ubuntu · CVE-2016-2424

Quick triage

Priority: medium Published: 2016-04-18 00:59:00 UTC Updated: 2025-08-25 21:57:28 UTC

View at Official ubuntu advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2016-2424 medium priority: Ubuntu including 1 source packages (android), 5 status rows across 5 suites (precise, trusty, upstream, wily, xenial): DNE 2, not-affected 2, released 1.

Description:

server/content/SyncStorageEngine.java in SyncStorageEngine in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 mismanages certain authority data, which allows attackers to cause a denial of service (reboot loop) via a crafted application, aka internal bug 26513719.

cvelogic Threat Intelligence