Details: In the initDecoder function of SoftAVCDec, there is a possible out-of-bounds write to mCodecCtx due to a use after free when buffer allocation fails. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-66969281. [NIST-CVE-2017-13178]
Discovered by: Chi Zhang and Mingjian Zhou (@Mingjian_Zhou) of C0RE Team [Discovery-CVE-2017-13178] on: Unknown