Security News > 2015 > November > Security update kills several critical bugs in Android Marshmallow (Help Net Security)

2015-11-03 11:01
Google's November Android security update carries fixes for seven vulnerabilities, including two remote code execution flaws that are rated "critical" (CVE-2015-6608, CVE-2015-6609), and an elevation ...
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/76WH5e4_6wA/secworld.php
Related news
- Don't Overlook These 6 Critical Okta Security Configurations (source)
- Qualcomm pledges 8 years of security updates for Android kit using its chips (YMMV) (source)
- 89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals (source)
- Google's March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities (source)
- Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk? (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-11-03 | CVE-2015-6608 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android mediaserver in Android 5.x before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bugs 19779574, 23680780, 23876444, and 23658148, a different vulnerability than CVE-2015-8072 and CVE-2015-8073. | 0.0 |
2015-11-03 | CVE-2015-6609 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android libutils in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted audio file, aka internal bug 22953624. | 0.0 |