CVE-2016-3756

Name of the Vulnerable Software and Affected Versions Android versions prior to 4.4.4 Android versions 5.0.x prior to 5.0.2 Android versions 5.1.x prior to 5.1.1 Android versions 6.x before 2016-07-01

Description The issue is related to the lack of partition number validation in the Tremolo/res012.c file of the Android mediaserver. This can be exploited by a remote attacker using a specially crafted media file, potentially causing a denial of service, which may result in the device hanging or rebooting.

Recommendations For Android versions prior to 4.4.4, update to version 4.4.4 or later. For Android versions 5.0.x prior to 5.0.2, update to version 5.0.2 or later. For Android versions 5.1.x prior to 5.1.1, update to version 5.1.1 or later. For Android versions 6.x before 2016-07-01, update to a version released on or after 2016-07-01.