CVE-2017-0641

EUVD-2017-0995
A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34360591.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 85%
Affected Products (NVD)
VendorProductVersion
googleandroid
4.4.4
googleandroid
5.0.2
googleandroid
5.1.1
googleandroid
6.0
googleandroid
6.0.1
googleandroid
7.0
googleandroid
7.1.1
googleandroid
7.1.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libvpx
bookworm
unimportant
bookworm (security)
unimportant
bullseye
unimportant
bullseye (security)
unimportant
sid
unimportant
trixie
unimportant
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
android
artful
dne
bionic
dne
trusty
dne
xenial
ignored
yakkety
ignored
zesty
ignored
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/98868
http://www.securitytracker.com/id/1038623
https://android.googlesource.com/platform/external/libvpx/+/698796fc930baecf5c3fdebef17e73d5d9a58bcb
https://source.android.com/security/bulletin/2017-06-01
http://www.securityfocus.com/bid/98868
http://www.securitytracker.com/id/1038623
https://android.googlesource.com/platform/external/libvpx/+/698796fc930baecf5c3fdebef17e73d5d9a58bcb
https://source.android.com/security/bulletin/2017-06-01