1
Candidate: CVE-2015-6616
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6616
5
http://source.android.com/security/bulletin/2015-12-01.html
7
mediaserver in Android before 5.1.1 LMY48Z and 6.0 before 2015-12-01 allows
8
remote attackers to execute arbitrary code or cause a denial of service
9
(memory corruption) via a crafted media file, aka internal bugs 24630158
10
and 23882800, a different vulnerability than CVE-2015-8505, CVE-2015-8506,
14
jdstrand> as with previous stagefright issues, this MPEG4Extractor.cpp issue
15
affects Ubuntu's android packages, but not in a way that is exposed to apps.
16
See CVE-2015-1538 for details
19
Discovered-by: Peter Pi, Natalie Silvanovich, Abhishek Arya, Oliver Chang, and Martin Barbella
22
Tags_android: apparmor
24
upstream: https://android.googlesource.com/platform%2Fframeworks%2Fav/+/77c185d5499d6174e7a97b3e1512994d3a803151
25
upstream: https://android.googlesource.com/platform%2Fframeworks%2Fav/+/0d35dd2068d6422c3c77fb68f248cbabf3d0b10c
26
upstream: https://android.googlesource.com/platform%2Fframeworks%2Fav/+/dedaca6f04ac9f95fabe3b64d44cd1a2050f079e
27
upstream: https://android.googlesource.com/platform%2Fframeworks%2Fav/+/5d101298d8b0a78a1dc5bd26dbdada411f4ecd4d
28
upstream: https://android.googlesource.com/platform%2Fexternal%2Flibavc/+/2ee0c1bced131ffb06d1b430b08a202cd3a52005
29
upstream_android: released (6.0 2015-12-01)
31
trusty_android: ignored
32
vivid_android: ignored
33
vivid/stable-phone-overlay_android: ignored
34
vivid/ubuntu-core_android: DNE
36
devel_android: ignored