Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2017-13194

Published: 12 January 2018

A vulnerability in the Android media framework (libvpx) related to odd frame width. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-64710201.

Notes

AuthorNote
leosilva
code in trusty is quite different needs to be tested with the POC
if possible.

Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
libvpx
Launchpad, Ubuntu, Debian
artful Ignored
(reached end-of-life)
bionic Not vulnerable
(1.7.0-3)
cosmic Not vulnerable
(1.7.0-3)
disco Not vulnerable
(1.7.0-3)
eoan Not vulnerable
(1.7.0-3)
focal Not vulnerable
(1.7.0-3)
precise Does not exist

trusty
Released (1.3.0-2ubuntu0.1~esm1)
upstream
Released (1.3.0-3+deb8u1, 1.7.0-2)
xenial
Released (1.5.0-2ubuntu1.1)
zesty Ignored
(reached end-of-life)
Patches:
upstream: https://github.com/webmproject/libvpx/commit/5a40c8fde11bf82cccb5bd2f57c46ab5e6262cbf
upstream: https://github.com/webmproject/libvpx/commit/33c598990bc771d7367fe6282bd445e92cd856a6