Denial of Service Vulnerability in Minikin Library

Denial of Service Vulnerability in Minikin Library

CVE-2016-2414 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

The Minikin library in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 does not properly consider negative size values in font data, which allows remote attackers to cause a denial of service (memory corruption and reboot loop) via a crafted font, aka internal bug 26413177.

Learn more about our Cis Benchmark Audit For Google Android.