Stagefright
Android Stagefright issues (CVE-2015-1538, CVE-2015-1539, CVE-2015-3824, CVE-2015-3826, CVE-2015-3827, CVE-2015-3828, CVE-2015-3829)
Published
29 July 2015
Updated
a month ago
The Android stagefright vulnerability allows for a remote attacker to send a crafted MMS message to a victim’s phone to steal data, access hardware and install malware. While in general Ubuntu does not share the affected code with Android, Ubuntu Touch devices utilizing the Android Open Source Project (AOSP) do contain the affected stagefright libraries, but Ubuntu Touch does not expose the affected functionality of these libraries in a way that can be leveraged by an attacker.
Timeline
- 2015 07 27: Ubuntu received notification of the issue