libstagefright in mediaserver in Android 4.x prior to 4.4.4, 5.x prior to 5.1.1 LMY49G, and 6.x prior to 2016-02-01 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a large memory allocation in the (1) SoftMPEG4Encoder or (2) SoftVPXEncoder component, aka internal bug 25812794.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
google android 6.0.1 |
||
google android 4.3.1 |
||
google android 4.3 |
||
google android 4.2.2 |
||
google android 4.2.1 |
||
google android 5.0.2 |
||
google android 5.0.1 |
||
google android 5.0 |
||
google android 4.4.4 |
||
google android 4.0.3 |
||
google android 4.0.2 |
||
google android 4.0.1 |
||
google android 4.0 |
||
google android 5.1.1 |
||
google android 5.1 |
||
google android 4.4.3 |
||
google android 4.4.1 |
||
google android 4.1.2 |
||
google android 4.0.4 |
||
google android 6.0 |
||
google android 5.1.0 |
||
google android 4.4.2 |
||
google android 4.4 |
||
google android 4.2 |
||
google android 4.1 |
Google today patched Nexus devices in an over-the-air update against a critical vulnerability that could be exploited by an attacker on the same Wi-Fi network.
The patch addresses multiple vulnerabilities in the Broadcom Wi-Fi driver that could be abused to allow for remote code execution. The patches were pushed out in builds LMY49G or later to Nexus devices and shared on Jan. 4 with carrier and manufacturer partners. The fixes are expected to be released to the Android Open Source Projec...
Vulmon