Candidate: CVE-2016-3765
PublicDate: 2016-07-11 02:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3765
 http://source.android.com/security/bulletin/2016-07-01.html
Description:
 decoder/impeg2d_bitstream.c in mediaserver in Android 6.x before 2016-07-01
 allows attackers to obtain sensitive information from process memory or
 cause a denial of service (out-of-bounds read) via a crafted application,
 aka internal bug 28168413.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H [7.7 HIGH]

Patches_android:
 upstream: https://android.googlesource.com/platform/external/libmpeg2/+/d1c775d1d8d2ed117d1e026719b7f9f089716597
upstream_android: needs-triage
precise_android: DNE
precise/esm_android: DNE
trusty_android: ignored (abandoned)
trusty/esm_android: DNE (trusty was ignored [abandoned])
vivid/stable-phone-overlay_android: ignored (reached end-of-life)
vivid/ubuntu-core_android: DNE
wily_android: ignored (reached end-of-life)
xenial_android: ignored (abandoned)
yakkety_android: ignored (reached end-of-life)
zesty_android: ignored (reached end-of-life)
artful_android: DNE
bionic_android: DNE
devel_android: DNE