CVE-2017-13197

Name of the Vulnerable Software and Affected Versions: Android versions 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1

Description: The issue is related to the ihevcd parse slice.c function, where slave threads are not joined in case of an error. This could lead to a remote denial of service of a critical system process without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations: For Android versions 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1, consider applying a patch that fixes the issue in the ihevcd parse slice.c function to prevent slave threads from not being joined in case of an error. At the moment, there is no information about a newer version that contains a fix for this vulnerability.