Candidate: CVE-2016-0835
PublicDate: 2016-04-18 00:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0835
 https://android.googlesource.com/platform/external/libmpeg2/+/ba604d336b40fd4bde1622f64d67135bdbd61301
 https://android.googlesource.com/platform/external/libmpeg2/+/58a6822d7140137ce957c6d2fc20bae1374186c1
 http://source.android.com/security/bulletin/2016-04-02.html
Description:
 decoder/impeg2d_dec_hdr.c in mediaserver in Android 6.x before 2016-04-01
 allows remote attackers to execute arbitrary code or cause a denial of
 service (memory corruption) via a crafted media file that triggers a
 certain negative value, aka internal bug 26070014.
Ubuntu-Description:
Notes:
Bugs:
Priority: high
Discovered-by: Anestis Bechtsoudis
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H [9.8 CRITICAL]

Patches_android:
upstream_android: released (6.x 2016-04-01)
precise_android: DNE
precise/esm_android: DNE
trusty_android: ignored (abandoned)
trusty/esm_android: DNE (trusty was ignored [abandoned])
vivid/stable-phone-overlay_android: ignored (reached end-of-life)
vivid/ubuntu-core_android: DNE
wily_android: ignored (reached end-of-life)
xenial_android: ignored (abandoned)
yakkety_android: ignored (reached end-of-life)
zesty_android: ignored (reached end-of-life)
artful_android: DNE
bionic_android: DNE
devel_android: DNE