← Back

CVE-2017-0641

nvd nist
Published: Jun 14, 2017Modified: May 13, 2026

JSON object

Loading...
5.5
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

A remote denial of service vulnerability in libvpx in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34360591.

Affected (8)

Products: Google: Android
Google
1 product
Android
Configuration A
8 vulnerable
Vulnerable SoftwareAffected Versions
Google
Android
Version 4.4.4
Android
Version 5.0.2
Android
Version 5.1.1
Android
Version 6.0.1
Android
Version 6.0
Android
Version 7.0
Android
Version 7.1.1
Android
Version 7.1.2

Related CWEs

CWE-665
Improper Initialization
The product does not initialize or incorrectly initializes a resource, which might leave the resource in an unexpected state when it is accessed or used.

References (8)

Source: security@android.com
Third Party AdvisoryVDB Entry
Source: security@android.com
Source: security@android.com
Mailing ListVendor Advisory
Source: security@android.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.