Elphet

**Name of the Vulnerable Software and Affected Versions** Bixby versions prior to 2.3.74.8 **Description** The issue is related to the improper handling of insufficient permission in Bixby wakeup, allowing local attackers to access sensitive data. **Recommendations** For versions prior to 2.3.74.8, update to version 2.3.74.8 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive data until the update is applied.

**Name of the Vulnerable Software and Affected Versions** Smartphones (affected versions not specified) **Description** The issue is a Denial of Service (DoS) vulnerability. Successful exploitation of this vulnerability may affect service availability. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0 **Description** The issue is related to a denial of service vulnerability in the Android media framework, specifically in the libstagefright library. It is also associated with inadequate access control, which could allow a remote attacker to execute arbitrary code in the context of a privileged process. **Recommendations** For Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, consider restricting access to the libstagefright library as a temporary mitigation measure until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions 7.0, 7.1.1, 7.1.2 **Description** A denial of service issue exists in the Android media framework, specifically in the libskia library, due to inadequate access control. This can be exploited by a remote attacker to cause a denial of service. The issue is related to the libhevc library in the Media Framework service of the Android operating system. **Recommendations** For Android versions 7.0, 7.1.1, 7.1.2, consider restricting access to the libskia and libhevc libraries as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2 **Description** The issue is related to a denial of service vulnerability in the Android media framework, specifically in the libstagefright library. It is associated with inadequate access control, which could allow a remote attacker to execute arbitrary code in the context of a privileged process. **Recommendations** For Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability.