CVE Vulnerabilities

CVE-2017-0774

Unchecked Return Value

Published: Sep 08, 2017 | Modified: Oct 03, 2019
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
CVSS 2.x
7.1 HIGH
AV:N/AC:M/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

A denial of service vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62673844.

Weakness

The product does not check the return value from a method or function, which can prevent it from detecting unexpected states and conditions.

Affected Software

Name Vendor Start Version End Version
Android Google 7.1.0 7.1.0
Android Google 7.1.2 7.1.2
Android Google 5.1.0 5.1.0
Android Google 4.2 4.2
Android Google 4.1 4.1
Android Google 5.0.2 5.0.2
Android Google 6.0.1 6.0.1
Android Google 6.0 6.0
Android Google 4.0.2 4.0.2
Android Google 4.4.3 4.4.3
Android Google 4.0.4 4.0.4
Android Google 4.3 4.3
Android Google 4.0.1 4.0.1
Android Google 4.4.4 4.4.4
Android Google 7.0 7.0
Android Google 4.2.1 4.2.1
Android Google 5.0.1 5.0.1
Android Google 5.0 5.0
Android Google 4.0.3 4.0.3
Android Google 4.0 4.0
Android Google 4.4 4.4
Android Google 4.4.1 4.4.1
Android Google 5.1.1 5.1.1
Android Google 4.2.2 4.2.2
Android Google 4.3.1 4.3.1
Android Google 4.4.2 4.4.2
Android Google 7.1.1 7.1.1
Android Google 5.1 5.1
Android Google 4.1.2 4.1.2

Potential Mitigations

References