cbcvebase.
CVE-2015-3826
published 2015-10-01

CVE-2015-3826: The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for…

PriorityP341medium5CVSS 2.0
AVNACLAuNCNINAP
EPSS
73.57%
99.4th percentile
The MPEG4Extractor::parse3GPPMetaData function in MPEG4Extractor.cpp in libstagefright in Android before 5.1.1 LMY48I does not enforce a minimum size for UTF-16 strings containing a Byte Order Mark (BOM), which allows remote attackers to cause a denial of service (integer underflow, buffer over-read, and mediaserver process crash) via crafted 3GPP metadata, aka internal bug 20923261, a related issue to CVE-2015-3828.

Affected

2 ranges
VendorProductVersion rangeFixed in
googleandroid<= 5.1
googleandroid

Detection & IOCsextracted from sources · hover to see the quote

  • CVE-2015-3826 affects libstagefright's MPEG4Extractor on Android 5.0 and 5.1; look for crafted 3GPP metadata in media files targeting these versions
  • The related issue CVE-2015-3828 involves integer underflow and memory corruption via crafted 3GPP metadata with UTF-16 strings containing a Byte Order Mark (BOM) with insufficient size enforcement in MPEG4Extractor.cpp; monitor parsing of 3GPP metadata in libstagefright
  • ·CVE-2015-3826 is rated LOW severity and affects only Android AOSP versions 5.0 and 5.1; devices running Android 5.1.1 LMY48I or later are patched
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.