Integer overflows in addVorbisCodecInfo function in libstagefright in mediaserver in Android before 5.1.1 LMY48M

CVE-2015-3861 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

Multiple integer overflows in the addVorbisCodecInfo function in matroska/MatroskaExtractor.cpp in libstagefright in mediaserver in Android before 5.1.1 LMY48M allow remote attackers to cause a denial of service (device inoperability) via crafted Matroska data, aka internal bug 21296336.

Learn more about our Cis Benchmark Audit For Google Android.