Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2017-0381

An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31607432.

Related bugs and status

CVE-2017-0381 (Candidate) is related to these bugs:

Bug #1771981: Sync opus 1.3~beta+20180518-1 (main) from Debian sid (main)

Summary				In	Importance	Status
	1771981	Sync opus 1.3~beta+20180518-1 (main) from Debian sid (main)		opus (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://android.google...
CONFIRM: https://source.android...
BID: 95248
GENTOO: GLSA-201702-21
SECTRACK: 1039427
CONFIRM: https://support.apple....
CONFIRM: https://support.apple....
CONFIRM: https://support.apple....
CONFIRM: https://support.apple....