EUVD-2017-0991

Malware in sbrugna...

EUVD-2017-0894

Malware in sbrugna...

EUVD-2017-0941

Malware in sbrugna...

LG G4 MRA58K - 'liblg_parser_mkv.so' Bad Allocation Calls

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1102 In both of the following functions mkvparser::AudioTrack::AudioTrackmkvparser::Segment, mkvparser::Track::Info const&, long long, long long mkvparser::VideoTrack::VideoTrackmkvparser::Segment, mkvparser::Track::Info const&, lo...

CVE-2017-0540

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the...

Google Android Remote Code Execution Vulnerability

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A remote code execution vulnerability exists in Google Android, which can be exploited by an attacker to execute arbitrary code in the context of the mediaserver process. A failed...

CVE-2015-3826

The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark BOM, which allows remote attackers to cause a denial of service integer underflow, buffer over-read...

CVE-2015-3826

The CVE-2015-3826 issue affects Android’s media stack in libstagefright (MPEG4Extractor.cpp) where MPEG4Extractor::parse3GPPMetaData does not enforce a minimum size for UTF-16 BOM strings. This can enable a remote attacker to trigger a crash in mediaserver via crafted 3GPP metadata (integer under...