PT-2017-1080 · Google+1 · Android+1

V.E.O

Published

2017-01-12

Updated

2019-10-03

CVE-2017-0381

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Android versions 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1

Description An information disclosure issue in the libopus Mediaserver could allow a local malicious application to access data outside of its permission levels. This could be used to access sensitive data without permission. The issue is caused by a buffer overflow in the silk/NLSF stabilize.c function.

Recommendations For versions 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1, update to a version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-190

Related Identifiers

BDU:2017-00172

CVE-2017-0381

DLA-793-1

MGASA-2017-0029

OPENSUSE-SU-2017_0510-1

OPENSUSE-SU-2024:11132-1

SUSE-SU-2017:0436-1

SUSE-SU-2017_0436-1

Affected Products

Android

Suse

PT-2017-1080 · Google+1 · Android+1

CVE-2017-0381

Weakness Enumeration

Related Identifiers

Affected Products

References · 25