CVE-2017-0541

HIGH

Google Android - Memory Corruption

Title source: rule

Description

A remote code execution vulnerability in sonivox in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-34031018.

Exploits (3)

nomisec STUB

by likekabin · poc

https://github.com/likekabin/CVE-2017-0541

View Code ZIP pw:eip

nomisec STUB

by C0dak · poc

https://github.com/C0dak/CVE-2017-0541

View Code ZIP pw:eip

inthewild

poc

https://github.com/jioundai/cve-2017-0541

View on inthewild

References (5)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/97330

[Issue Tracking, Patch, Third Party Advisory] https://android.googlesource.com/platform/external/sonivox/+/56d153259cc3e16a6a0014199a2317dde333c978

[Various Sources] https://github.com/JiounDai/CVE-2017-0541

[Vendor Advisory] https://source.android.com/security/bulletin/2017-04-01

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1038201

Scores

CVSS v3 7.8

EPSS 0.0461

EPSS Percentile 89.3%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (35)

google/android 4.0

google/android 4.0.1

google/android 4.0.2

google/android 4.0.3

google/android 4.0.4

google/android 4.1

google/android 4.1.2

google/android 4.2

google/android 4.2.1

google/android 4.2.2

... and 25 more

Published Apr 07, 2017

Tracked Since Feb 18, 2026