Critical severity9.8NVD Advisory· Published Jul 11, 2016· Updated May 6, 2026

CVE-2016-3745

Description

Multiple buffer overflows in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allow attackers to gain privileges via a crafted application that provides an AudioEffect reply, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 28173666.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

source.android.com/security/bulletin/2016-07-01.htmlnvdVendor Advisory
android.googlesource.com/platform/hardware/qcom/audio/+/073a80800f341325932c66818ce4302b312909a4nvd

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000