Posted by flanker on May 26

Hi: I’m posting some vulnerabilities I reported to Android and fixed last year prior to the Android Security Bounty
program launch. Since there’re no public bulletins for these ancient reports, I’m writing to the maillist for the
record. Details ======= A permission leakage exists in Android 5.x that enables a malicious application to acquire the
system-level protected permission of DEVICE_POWER. There exists a permission…