CVE-2016-0816

Publication date 12 March 2016

Last updated 25 August 2025


Ubuntu priority

Cvss 3 Severity Score

9.8 · Critical

Score breakdown

Description

mediaserver in Android 6.x before 2016-03-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, related to decoder/ih264d_parse_islice.c and decoder/ih264d_parse_pslice.c, aka internal bug 25928803.

Status

Package Ubuntu Release Status
android 18.04 LTS bionic Not in release
17.10 artful Not in release
17.04 zesty
Fixed 20160307-0742-0ubuntu3
16.10 yakkety
Fixed 20160307-0742-0ubuntu3
16.04 LTS xenial
Fixed 20160307-0742-0ubuntu3
15.10 wily Ignored end of life
14.04 LTS trusty Not in release
12.04 LTS precise Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package Patch details
android

Severity score breakdown

CVSS version: CVSS v3.0

Base score 9.8 · Critical

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H


Access our resources on patching vulnerabilities