1
Candidate: CVE-2015-3864
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3864
5
https://groups.google.com/forum/message/raw?msg=android-security-updates/1M7qbSvACjo/Y7jewiW1AwAJ
6
https://android.googlesource.com/platform/frameworks/av/+/6fe85f7e15203e48df2cc3e8e1c4bc6ad49dc968
8
Integer underflow in the MPEG4Extractor::parseChunk function in
9
MPEG4Extractor.cpp in libstagefright in mediaserver in Android before 5.1.1
10
LMY48M allows remote attackers to execute arbitrary code via crafted MPEG-4
11
data, aka internal bug 23034759. NOTE: this vulnerability exists because
12
of an incomplete fix for CVE-2015-3824.
15
jdstrand> as with previous stagefright issues, this issue affects Ubuntu's
16
android packages, but not in a way that is exposed to apps. See
17
CVE-2015-1538 for details
23
Tags_android: apparmor
25
upstream_android: needs-triage
27
trusty_android: ignored
28
vivid_android: ignored
29
vivid/stable-phone-overlay_android: ignored
30
vivid/ubuntu-core_android: DNE
32
devel_android: ignored