9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
AI Score
Confidence
Low
0.386 Low
EPSS
Percentile
97.3%
The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not validate the relationship between chunk sizes and skip sizes, which allows remote attackers to execute arbitrary code or cause a denial of service (integer underflow and memory corruption) via crafted MPEG-4 covr atoms, aka internal bug 20923261.
CPE | Name | Operator | Version |
---|---|---|---|
google:android | google android | le | 5.1 |
www.huawei.com/en/psirt/security-advisories/hw-448928
www.securityfocus.com/bid/76052
www.securitytracker.com/id/1033094
www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-448928.htm
android.googlesource.com/platform/frameworks/av/+/f4a88c8ed4f8186b3d6e2852993e063fc33ff231
groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ