Skip to main content

Encoding Error

CVE-2016-3828

Severity Medium
Score 5.5/10

Summary

decoder/ih264d_api.c in mediaserver in Android 6.x before 2016-08-01 mishandles invalid PPS and SPS NAL units, which allows remote attackers to cause a denial of service (device hang or reboot) via a crafted media file, aka internal bug 28835995.

  • LOW
  • LOCAL
  • NONE
  • UNCHANGED
  • REQUIRED
  • NONE
  • NONE
  • HIGH

CWE-172 - Encoding Error

The software does not properly encode or decode the data, resulting in unexpected values.

References

Advisory Timeline

  • Published