CVE-2016-3765

Name of the Vulnerable Software and Affected Versions Android versions prior to 2016-07-01

Description The issue is related to errors in resource management in the decoder/impeg2d bitstream.c file of the Android operating system. It allows attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted application.

Recommendations For Android versions prior to 2016-07-01, update the system to a version released after 2016-07-01 to resolve the issue. As a temporary workaround, consider restricting the use of the decoder/impeg2d bitstream.c file until a patch is available. Avoid using crafted applications that could exploit this issue until the system is updated.