CVE-2016-2506

Name of the Vulnerable Software and Affected Versions Android versions 4.x through 4.4.4 Android versions 5.0.x through 5.0.2 Android versions 5.1.x through 5.1.1 Android versions 6.x before 2016-07-01

Description The issue is caused by a buffer overflow in the DRMExtractor.cpp function of the libstagefright library in the mediaserver component of the Android operating system. This can be exploited by a remote attacker using a specially crafted media file, potentially allowing the execution of arbitrary code or causing a denial of service due to memory corruption.

Recommendations For Android versions 4.x through 4.4.4, update to version 4.4.4 or later. For Android versions 5.0.x through 5.0.2, update to version 5.0.2 or later. For Android versions 5.1.x through 5.1.1, update to version 5.1.1 or later. For Android versions 6.x before 2016-07-01, update to a version released after 2016-07-01.