Chi Zhang

**Name of the Vulnerable Software and Affected Versions** Android versions 6.0 through 8.0 **Description** The issue is related to a remote code execution vulnerability in the Android media framework, specifically in the libstagefright library. This vulnerability is associated with inadequate access control. Exploitation of this issue may allow a remote attacker to execute arbitrary code. **Recommendations** For Android versions 6.0 through 8.0, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 **Description** The issue is related to an elevation of privilege vulnerability in the Android framework, which is associated with insufficient access control. This vulnerability can be exploited by a remote attacker to gain elevated privileges. **Recommendations** For Android versions 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions 6.0 through 7.1.2 **Description** The issue is related to an elevation of privilege vulnerability in the Android media framework, which can be exploited by a remote attacker to gain elevated privileges. This vulnerability is associated with inadequate access control in the Android operating system. **Recommendations** For Android versions 6.0 through 7.1.2, update to a version that contains a fix for this issue, as no specific workaround or mitigation measures are provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 **Description** The issue is related to a remote code execution vulnerability in the Android media framework. It is also associated with insufficient access control in the Android operating system, which can allow a remote attacker to execute arbitrary code. **Recommendations** For Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions 6.0 through 7.1.2 **Description** The issue is related to a remote code execution vulnerability in the Android media framework. It is associated with insufficient access control in the Android operating system. Exploitation of this issue may allow a remote attacker to execute arbitrary code. **Recommendations** For Android versions 6.0 through 7.1.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions 6.0 through 7.1.2 **Description** The issue is related to a remote code execution vulnerability in the Android media framework. It is associated with insufficient access control, which can be exploited by a remote attacker to execute arbitrary code. **Recommendations** For Android versions 6.0 through 7.1.2, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 **Description** The issue is related to an elevation of privilege vulnerability in the Android framework, which is associated with insufficient access control. This vulnerability can be exploited by a remote attacker to gain elevated privileges. **Recommendations** For Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 **Description** The issue is related to an elevation of privilege vulnerability in the Android framework, which is associated with insufficient access control. This vulnerability can be exploited by a remote attacker to gain elevated privileges. **Recommendations** For versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions Kernel-3.18 **Description** The issue is related to an elevation of privilege vulnerability in the NVIDIA libomx library, which is due to inadequate access control. This vulnerability can be exploited by a remote attacker to execute arbitrary code within the context of a privileged process, allowing access to elevated capabilities that are not normally accessible to third-party applications. The issue is rated as high. **Recommendations** For Android versions Kernel-3.18, update to a version that includes the fix for this issue, as referenced by Android ID: A-31251628.

**Name of the Vulnerable Software and Affected Versions** Android versions Kernel-3.18 **Description** An elevation of privilege issue in the NVIDIA libomx library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. **Recommendations** For Android version Kernel-3.18, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Android versions Kernel-3.10, Kernel-3.18 **Description** The issue is related to an elevation of privilege vulnerability in Qualcomm media codecs, which could allow a local malicious application to execute arbitrary code within the context of a privileged process. This could be used to gain local access to elevated capabilities. The vulnerability is also described as being related to insufficient access control in Qualcomm media codecs, potentially allowing a remote attacker to execute arbitrary code. **Recommendations** For Android versions Kernel-3.10, Kernel-3.18, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions Kernel-3.10, Kernel-3.18 **Description** The issue is related to insufficient access control in Qualcomm media codecs for the Android operating system. It allows a remote attacker to execute arbitrary code. This problem can be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. **Recommendations** For Android versions Kernel-3.10, Kernel-3.18, update to a version that includes the fix for this issue, as referenced by Android ID: A-29982686. At the moment, there is no information about a newer version that contains a fix for this vulnerability.