What is the severity of CVE-2016-6712?

CVE-2016-6712 is rated as High due to its potential to allow remote denial of service attacks.

How do I fix CVE-2016-6712?

To fix CVE-2016-6712, you should update to Android 4.4.4 or later, or any subsequently released version that addresses this vulnerability.

Which versions of Android are affected by CVE-2016-6712?

CVE-2016-6712 affects Android versions prior to 4.4.4, 5.0.2, 5.1.1, and 6.x prior to November 1, 2016.

How does CVE-2016-6712 impact users?

CVE-2016-6712 allows attackers to use specially crafted files to cause device hangs or reboots, affecting usability and security.

Is there a workaround for CVE-2016-6712 if I cannot update my Android device?

Currently, there is no known workaround for CVE-2016-6712, so upgrading to an unaffected version is strongly recommended.

Vulnerability/
CVE-2016-6712

high

7.1

CWE

7/11/2016

13/12/2016

26/8/2024

CVE-2016-6712: Input Validation

First published: Mon Nov 07 2016(Updated: )

A remote denial of service vulnerability in libvpx in Mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-11-01 could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Android ID: A-30593752.

Credit: security@android.com

Affected Software	Affected Version	How to fix
Android
Android	=4.0
Android	=4.0.1
Android	=4.0.2
Android	=4.0.3
Android	=4.0.4
Android	=4.1
Android	=4.1.2
Android	=4.2
Android	=4.2.1
Android	=4.2.2
Android	=4.3
Android	=4.3.1
Android	=4.4
Android	=4.4.1
Android	=4.4.2
Android	=4.4.3
Android	=5.0
Android	=5.0.1
Android	=5.1
Android	=5.1.0
Android	=6.0
Android	=6.0.1

Remedy

https://android.googlesource.com/platform/external/libvpx/+/fdb1b40e7bb147c07bda988c9501ad223795d12d

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2016-6712?
CVE-2016-6712 is rated as High due to its potential to allow remote denial of service attacks.
How do I fix CVE-2016-6712?
To fix CVE-2016-6712, you should update to Android 4.4.4 or later, or any subsequently released version that addresses this vulnerability.
Which versions of Android are affected by CVE-2016-6712?
CVE-2016-6712 affects Android versions prior to 4.4.4, 5.0.2, 5.1.1, and 6.x prior to November 1, 2016.
How does CVE-2016-6712 impact users?
CVE-2016-6712 allows attackers to use specially crafted files to cause device hangs or reboots, affecting usability and security.
Is there a workaround for CVE-2016-6712 if I cannot update my Android device?
Currently, there is no known workaround for CVE-2016-6712, so upgrading to an unaffected version is strongly recommended.

agent/type
agent/first-publish-date
agent/references
agent/severity
agent/weakness
agent/remedy
agent/author
agent/description
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/event
agent/source
agent/tags
collector/android-source
source/Android
agent/software-canonical-lookup
agent/software-canonical-lookup-request
collector/nvd-index
vendor/google
canonical/android
version/android/4.0
version/android/4.0.1
version/android/4.0.2
version/android/4.0.3
version/android/4.0.4
version/android/4.1
version/android/4.1.2
version/android/4.2
version/android/4.2.1
version/android/4.2.2
version/android/4.3
version/android/4.3.1
version/android/4.4
version/android/4.4.1
version/android/4.4.2
version/android/4.4.3
version/android/5.0
version/android/5.0.1
version/android/5.1
version/android/5.1.0
version/android/6.0
version/android/6.0.1