CVE-2016-3742

Name of the Vulnerable Software and Affected Versions Android versions prior to 2016-07-01

Description The issue is related to the mishandling of intra mode in the decoder/ih264d process intra mb.c file within the mediaserver of Android. This allows remote attackers to execute arbitrary code or cause a denial of service due to memory corruption via a crafted media file. The vulnerability exists due to insufficient input validation.

Recommendations For Android versions prior to 2016-07-01, update the system to a version released after 2016-07-01 to resolve the issue. As a temporary workaround, consider restricting the use of media files from untrusted sources to minimize the risk of exploitation.