An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31607432.
http://www.securityfocus.com/bid/95248
http://www.securitytracker.com/id/1039427
https://security.gentoo.org/glsa/201702-21
https://source.android.com/security/bulletin/2017-01-01.html
https://support.apple.com/HT208112
https://support.apple.com/HT208113
Source: MITRE
Published: 2017-01-12
Updated: 2019-10-03
Type: CWE-190
Base Score: 9.3
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Impact Score: 10
Exploitability Score: 8.6
Severity: HIGH
Base Score: 7.8
Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 1.8
Severity: HIGH