PT-2016-2560 · Google · Android+1
Published
2016-08-05
·
Updated
2016-11-28
·
CVE-2016-3827
CVSS v2.0
7.1
High
| Vector | AV:N/AC:M/Au:N/C:N/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
Android 6.0.1 versions prior to 2016-08-01
Description
The issue is related to the mishandling of decoder errors in the
codecs/hevcdec/SoftHEVC.cpp file within the libstagefright library of the Android media server. This allows remote attackers to cause a denial of service, resulting in a device hang or reboot, by using a crafted media file.Recommendations
For Android 6.0.1 versions prior to 2016-08-01, update the system to a version released after 2016-08-01 to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android
Libstagefright