Android patched to fix denial of service bugs


The open source mobile phone platform Android has been patched to fix two bugs that could have lead to denial of service (DoS) attacks.

One of the vulnerabilities would enable an attacker to disconnect a mobile phone from a network.

This could be achieved via a specifically malformed SMS, which could restart the phone application without a user knowing, leading to a temporary loss of connectivity.

This bug could then be triggered repeatedly if there was no PIN present on the phone, and was therefore considered a remote DoS condition.

Another patched flaw, centred on issues in the Android Davlik API, with one of them classified by Android as being a DoS flaw, which lead to restarting of the system.

A specific malicious app could have been created to be downloaded and run by the user, triggering the vulnerable API and restarting the system process.