Candidate: CVE-2017-0406
PublicDate: 2017-02-08 15:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0406
 https://source.android.com/security/bulletin/2017-02-01.html
Description:
 A remote code execution vulnerability in Mediaserver could enable an
 attacker using a specially crafted file to cause memory corruption during
 media file and data processing. This issue is rated as Critical due to the
 possibility of remote code execution within the context of the Mediaserver
 process. This affects the libhevc library. Product: Android. Versions: 6.0,
 6.0.1, 7.0, 7.1.1. Android ID: A-32915871.
Ubuntu-Description:
Notes:
Bugs:
Priority: high
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [7.8 HIGH]

Patches_android:
upstream_android: needs-triage
precise_android: DNE
precise/esm_android: DNE
trusty_android: ignored (abandoned)
trusty/esm_android: DNE (trusty was ignored [abandoned])
vivid/stable-phone-overlay_android: ignored (reached end-of-life)
vivid/ubuntu-core_android: DNE
xenial_android: ignored (abandoned)
yakkety_android: ignored (reached end-of-life)
zesty_android: ignored (reached end-of-life)
artful_android: DNE
bionic_android: DNE
devel_android: DNE