CVE-2017-0406

Name of the Vulnerable Software and Affected Versions Android versions 6.0 through 7.1.1

Description The issue is caused by a buffer overflow in the Mediaserver service of the Android operating system. This can be exploited by a remote attacker using a specially crafted file to inject arbitrary code, potentially causing memory corruption during media file or data processing. The issue affects the libhevc library and is considered critical due to the possibility of remote code execution within the context of the Mediaserver process.

Recommendations For Android versions 6.0 through 7.1.1, update to a version that contains a fix for this issue to prevent potential memory corruption and arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.