What is the severity of CVE-2017-0393?

CVE-2017-0393 is rated as High due to the potential for remote denial of service.

How do I fix CVE-2017-0393?

To mitigate CVE-2017-0393, upgrade your Android version to a patch that addresses this vulnerability.

What products are affected by CVE-2017-0393?

CVE-2017-0393 affects multiple versions of Android including 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, and 7.0.

What type of attack can exploit CVE-2017-0393?

CVE-2017-0393 can be exploited by a remote attacker using a specially crafted file to cause device hang or reboot.

When was CVE-2017-0393 reported?

CVE-2017-0393 was identified in the security bulletin released on January 1, 2017.

Vulnerability/
CVE-2017-0393

high

7.1

3/1/2017

12/1/2017

20/4/2025

CVE-2017-0393

First published: Tue Jan 03 2017(Updated: )

A denial of service vulnerability in libvpx in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-30436808.

Credit: security@android.com

Affected Software	Affected Version	How to fix
Android	=4.0
Android	=4.0.1
Android	=4.0.2
Android	=4.0.3
Android	=4.0.4
Android	=4.1
Android	=4.1.2
Android	=4.2
Android	=4.2.1
Android	=4.2.2
Android	=4.3
Android	=4.3.1
Android	=4.4
Android	=4.4.1
Android	=4.4.2
Android	=4.4.3
Android	=4.4.4
Android	=5.0
Android	=5.0.1
Android	=5.0.2
Android	=5.1
Android	=5.1.0
Android	=5.1.1
Android	=6.0
Android	=6.0.1
Android	=7.0
Android	=7.1.0
Android
	=4.0
	=4.0.1
	=4.0.2
	=4.0.3
	=4.0.4
	=4.1
	=4.1.2
	=4.2
	=4.2.1
	=4.2.2
	=4.3
	=4.3.1
	=4.4
	=4.4.1
	=4.4.2
	=4.4.3
	=4.4.4
	=5.0
	=5.0.1
	=5.0.2
	=5.1
	=5.1.0
	=5.1.1
	=6.0
	=6.0.1
	=7.0
	=7.1.0

Remedy

https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2017-0393?
CVE-2017-0393 is rated as High due to the potential for remote denial of service.
How do I fix CVE-2017-0393?
To mitigate CVE-2017-0393, upgrade your Android version to a patch that addresses this vulnerability.
What products are affected by CVE-2017-0393?
CVE-2017-0393 affects multiple versions of Android including 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, and 7.0.
What type of attack can exploit CVE-2017-0393?
CVE-2017-0393 can be exploited by a remote attacker using a specially crafted file to cause device hang or reboot.
When was CVE-2017-0393 reported?
CVE-2017-0393 was identified in the security bulletin released on January 1, 2017.

agent/type
agent/first-publish-date
agent/references
agent/author
agent/severity
agent/remedy
agent/description
collector/mitre-cve
source/MITRE
agent/event
agent/last-modified-date
agent/source
collector/nvd-index
agent/software-canonical-lookup-request
agent/softwarecombine
agent/tags
collector/android-source
source/Android
agent/software-canonical-lookup
collector/nvd-api
source/NVD
vendor/google
canonical/android
version/android/4.0
version/android/4.0.1
version/android/4.0.2
version/android/4.0.3
version/android/4.0.4
version/android/4.1
version/android/4.1.2
version/android/4.2
version/android/4.2.1
version/android/4.2.2
version/android/4.3
version/android/4.3.1
version/android/4.4
version/android/4.4.1
version/android/4.4.2
version/android/4.4.3
version/android/4.4.4
version/android/5.0
version/android/5.0.1
version/android/5.0.2
version/android/5.1
version/android/5.1.0
version/android/5.1.1
version/android/6.0
version/android/6.0.1
version/android/7.0
version/android/7.1.0