CVE-2015-6636

Name of the Vulnerable Software and Affected Versions Android versions 5.x through 5.1.1 LMY49F Android versions 6.0 through 2016-01-01

Description The issue is caused by a buffer overflow in the mediaserver component of the Android operating system. Exploitation of this issue may allow a remote attacker to execute arbitrary code or cause a denial of service (memory corruption) using a specially crafted media file.

Recommendations For Android versions 5.x through 5.1.1 LMY49F, update to version 5.1.1 LMY49F or later. For Android versions 6.0 through 2016-01-01, apply the patch available after 2016-01-01. As a temporary workaround, consider restricting the use of mediaserver to minimize the risk of exploitation.