CVE-2017-13178
CVE-2017-13178 affects Android Media Framework (SoftAVCDec). In initDecoder, a use-after-free can cause an out-of-bounds write to mCodecCtx when buffer allocation fails, enabling remote code execution in a privileged process without user interaction. Affected Android versions: 6.0.1, 7.0, 7.1.1, ...