CVE-2015-3826

Severity Level: High
AppRisk Coverage: No
Type: Vulnerability
OWASP: M4: Unintended Data Leakage
Aliases:

• Stagefright vulnerability

Platform: Android
File size (bytes): N/A
Filename: N/A
App title: N/A
MD5 Hash: N/A
SHA1 hash: N/A
Affected CVE:

• CVE-2015-3826

Details or analysis:

This is one of several vulnerabilities, also known as “Stagefright vulnerabilities”, in the Android library “libstagefright“. The library is responsible for processing multimedia files.

This specific vulnerability is due to multiple integer overflows in the “MPEG4Extractor::parse3GPPMetaData” function in “MPEG4Extractor.cpp” within libstagefright and affects Android OS prior to 5.1.1. The vulnerability exists because the responsible code does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark (BOM).

If successfully exploited, the vulnerability could allow a malicious application or individual to execute arbitrary code with elevated privileges, or cause a denial of service, via a crafted 3GPP metadata. This vulnerability is related to CVE-2015-3828.

In an attack scenario involving MMS, an attacker could send attack code via a multimedia file that, when received, could auto-execute.

The vulnerabilities affect Android OS versions from 2.2 (Froyo) and prior to 5.1.1 r9 (Lollipop).

The Android Open Source Project (AOSP) has released Android 5.1.1 r9 to address the vulnerabilities. Android Marshmallow with Security Patch Level of November 1, 2015 or later also addresses the vulnerabilities.

For more information, see the reference links.

Reference:

• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3826
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3826