CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS
Percentile
55.6%
The display drivers in Android before 5.1.1 LMY48Z allow remote attackers
to execute arbitrary code or cause a denial of service (memory corruption)
via a crafted media file, aka internal bug 24163261.
Author | Note |
---|---|
seth-arnold | The linked patch only fixes a compilation issue; the change message refers to 6e69a5311599cc90b654031e93b272017169f1e0 as the fix. |
source.android.com/security/bulletin/2015-12-01.html
android.googlesource.com/platform/hardware/qcom/display/+/25016fd2865943dec1a6b2b167ef85c772fb90f7%5E%21/
launchpad.net/bugs/cve/CVE-2015-6634
nvd.nist.gov/vuln/detail/CVE-2015-6634
security-tracker.debian.org/tracker/CVE-2015-6634
www.cve.org/CVERecord?id=CVE-2015-6634