Details: In impeg2d_dec_pic_data_thread of impeg2d_dec_hdr.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when running multi threaded with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-69269702. [NIST-CVE-2017-13251]
Discovered by: Zinuo Han from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. [Discovery-CVE-2017-13251] on: Unknown