Max CVSS | 10.0 | Min CVSS | 7.2 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2017-13193 | 7.8 |
In ihevcd_decode.c there is a possible infinite loop due to bytes for an sps of unsupported resolution resulting in the same sps being fed in over and over. This could lead to a remote denial of service of a critical system process with no additional
|
03-10-2019 - 00:03 | 12-01-2018 - 23:29 | |
CVE-2017-13196 | 7.8 |
In several places in ihevcd_decode.c, a dead loop could occur due to incomplete frames which could lead to memory leaks. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User i
|
03-10-2019 - 00:03 | 12-01-2018 - 23:29 | |
CVE-2017-13191 | 7.8 |
In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction
|
03-10-2019 - 00:03 | 12-01-2018 - 23:29 | |
CVE-2017-13192 | 7.8 |
In the ihevcd_parse_slice_header function of ihevcd_parse_slice_header.c a slice address of zero after the first slice could result in an infinite loop. This could lead to a remote denial of service of a critical system process with no additional exe
|
03-10-2019 - 00:03 | 12-01-2018 - 23:29 | |
CVE-2017-13199 | 7.8 |
In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception is not thrown leading to a java.io.IOException later on. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed.
|
03-10-2019 - 00:03 | 12-01-2018 - 23:29 | |
CVE-2017-13195 | 7.8 |
In the ihevcd_parse_sps function of ihevcd_parse_headers.c, several parameter values could be negative which could lead to negative indexes which could lead to an infinite loop. This could lead to a remote denial of service of a critical system proce
|
03-10-2019 - 00:03 | 12-01-2018 - 23:29 | |
CVE-2017-0855 | 7.8 |
In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks. This could lead to remote denial of service of a critical system process with no additional execution
|
03-10-2019 - 00:03 | 12-01-2018 - 23:29 | |
CVE-2017-13181 | 7.2 |
In the doGetThumb and getThumbnail functions of MtpServer, there is a possible double free due to not NULLing out a freed pointer. This could lead to an local elevation of privilege enabling code execution as a privileged process with no additional e
|
02-02-2018 - 17:31 | 12-01-2018 - 23:29 | |
CVE-2017-13180 | 7.2 |
In the onQueueFilled function of SoftAVCDec, there is a possible out-of-bounds write due to a use after free if a bad header causes the decoder to get caught in a loop while another thread frees the memory it's accessing. This could lead to a local e
|
02-02-2018 - 17:31 | 12-01-2018 - 23:29 | |
CVE-2017-13182 | 7.2 |
In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional executio
|
02-02-2018 - 17:30 | 12-01-2018 - 23:29 | |
CVE-2017-13184 | 7.2 |
In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges n
|
02-02-2018 - 17:10 | 12-01-2018 - 23:29 | |
CVE-2017-13179 | 10.0 |
In the ihevcd_allocate_static_bufs and ihevcd_create functions of SoftHEVC, there is a possible out-of-bounds write due to a use after free. Both ps_codec_obj and ps_create_op->s_ivd_create_op_t.pv_handle point to the same memory and ps_codec_obj cou
|
02-02-2018 - 14:49 | 12-01-2018 - 23:29 | |
CVE-2017-13197 | 7.8 |
In the ihevcd_parse_slice.c function, slave threads are not joined if there is an error. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exp
|
01-02-2018 - 21:18 | 12-01-2018 - 23:29 | |
CVE-2017-13178 | 10.0 |
In the initDecoder function of SoftAVCDec, there is a possible out-of-bounds write to mCodecCtx due to a use after free when buffer allocation fails. This could lead to remote code execution as a privileged process with no additional execution privil
|
01-02-2018 - 20:49 | 12-01-2018 - 23:29 | |
CVE-2017-13177 | 10.0 |
In several functions of libhevc, NEON registers are not preserved. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Ver
|
01-02-2018 - 20:46 | 12-01-2018 - 23:29 |