CVE-2015-3832

Name of the Vulnerable Software and Affected Versions Android versions prior to 5.1.1 LMY48I

Description The issue is caused by multiple buffer overflows in the libstagefright library of the Android operating system. Exploitation of these issues may allow a remote attacker to execute arbitrary code using specially crafted MP4 data. The vulnerability is specifically related to invalid size values of NAL units in MP4 data.

Recommendations For Android versions prior to 5.1.1 LMY48I, update to version 5.1.1 LMY48I or later to resolve the issue. As a temporary workaround, consider restricting the use of MP4 data from untrusted sources to minimize the risk of exploitation.