CVE-2015-3827
Android < 5.1 - Remote Code Execution via Crafted MPEG-4 covr Atoms
Title source: llmDescription
The MPEG4Extractor::parseChunk function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not validate the relationship between chunk sizes and skip sizes, which allows remote attackers to execute arbitrary code or cause a denial of service (integer underflow and memory corruption) via crafted MPEG-4 covr atoms, aka internal bug 20923261.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1033094
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/76052
Various Sources x_refsource_confirm
http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-448928.htm
Various Sources x_refsource_confirm
http://www.huawei.com/en/psirt/security-advisories/hw-448928
Vendor Advisory x_refsource_confirm
https://android.googlesource.com/platform/frameworks/av/+/f4a88c8ed4f8186b3d6e2852993e063fc33ff231
Vendor Advisory mailing-list
x_refsource_mlist
https://groups.google.com/forum/message/raw?msg=android-security-updates/Ugvu3fi6RQM/yzJvoTVrIQAJ
Scores
EPSS
0.8114
EPSS Percentile
99.6%
Details
CWE
CWE-119
CWE-189
Status
published
Products (1)
google/android
< 5.1
Published
Oct 01, 2015
Tracked Since
Feb 18, 2026