CVE-2021-39667

Name of the Vulnerable Software and Affected Versions Android versions Android-10 through Android-12

Description The issue is related to a heap buffer overflow in the ih264d parse decode slice function of ih264d parse slice.c, which could lead to remote information disclosure without requiring additional execution privileges. User interaction is necessary for exploitation.

Recommendations For Android versions Android-10 through Android-12, consider restricting access to the ih264d parse decode slice function until a patch is available. As a temporary workaround, avoid using the affected function in situations where user interaction could be exploited. At the moment, there is no information about a newer version that contains a fix for this vulnerability.