Vulnerability Description
The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not validate the relationship between chunk sizes and skip sizes, which allows remote attackers to execute arbitrary code or cause a denial of service (integer underflow and memory corruption) via crafted MPEG-4 covr atoms, aka internal bug 20923261.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | <= 5.1 |
Related Weaknesses (CWE)
References
- http://www.huawei.com/en/psirt/security-advisories/hw-448928
- http://www.securityfocus.com/bid/76052
- http://www.securitytracker.com/id/1033094
- http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/
- https://android.googlesource.com/platform/frameworks/av/+/f4a88c8ed4f8186b3d6e28Vendor Advisory
- https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fiVendor Advisory
- http://www.huawei.com/en/psirt/security-advisories/hw-448928
- http://www.securityfocus.com/bid/76052
- http://www.securitytracker.com/id/1033094
- http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/
- https://android.googlesource.com/platform/frameworks/av/+/f4a88c8ed4f8186b3d6e28Vendor Advisory
- https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fiVendor Advisory
FAQ
What is CVE-2015-3827?
CVE-2015-3827 is a vulnerability with a CVSS score of 9.3 (HIGH). The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not validate the relationship between chunk sizes and skip sizes, which allows remot...
How severe is CVE-2015-3827?
CVE-2015-3827 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-3827?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android.