VYPR
Unrated severityNVD Advisory· Published Oct 1, 2015· Updated Jun 17, 2026

CVE-2015-3860

CVE-2015-3860

Description

packages/Keyguard/res/layout/keyguard_password_view.xml in Lockscreen in Android 5.x before 5.1.1 LMY48M does not restrict the number of characters in the passwordEntry input field, which allows physically proximate attackers to bypass intended access restrictions via a long password that triggers a SystemUI crash, aka internal bug 22214934.

Affected products

2
  • Google/Android2 versions
    cpe:2.3:o:google:android:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:google:android:*:*:*:*:*:*:*:*range: <=5.1
    • (no CPE)range: <5.1.1 LMY48M

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.