CVE-2017-0405

Name of the Vulnerable Software and Affected Versions Android versions 7.0 through 7.1.1

Description A remote code execution issue in the Surfaceflinger service could allow an attacker to cause memory corruption during media file and data processing by using a specially crafted file. This issue is rated as Critical due to the possibility of remote code execution within the context of the Surfaceflinger process. The vulnerability is caused by a buffer overflow in memory, which can be exploited by a remote attacker to inject arbitrary code.

Recommendations For Android versions 7.0 through 7.1.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.