Ramesh Katuri

**Name of the Vulnerable Software and Affected Versions** Android versions Android-9.0 **Description** The issue is related to a possible out of bounds write in the `ixheaacd real synth fft p3` function of `ixheaacd esbr fft.c` due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is required for exploitation. The vulnerability is associated with a buffer overflow in the Media framework component of the Android operating system, which can allow a remote attacker to execute arbitrary code. **Recommendations** For Android version Android-9.0, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the `ixheaacd real synth fft p3` function until a patch is available.