CVE-2017-0391

Name of the Vulnerable Software and Affected Versions Android versions 6.0 through 7.1

Description The issue is related to a function in the libhevc Mediaserver of the Android operating system, specifically in the decoder/ihevcd decode.c file, and is associated with inadequate access control. This could allow a remote attacker to exploit the issue and potentially compromise information confidentiality. Additionally, a remote attacker could use a specially crafted file to cause a device hang or reboot, resulting in a denial of service.

Recommendations For Android versions 6.0 through 7.1, update to a version that includes the fix for this issue to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.