Android stagefright libmpeg2 impeg2d_dec_user_data heap overflow

CENSUS ID:	CENSUS-2016-0008
CVE ID:	CVE-2016-0824
Android ID:	25765591
Affected Products:	Android OS 6.0 — 6.0.1
Class:	Out-of-bounds Read (CWE-125)
Discovered by:	Anestis Bechtsoudis

Android provides a media playback engine at the native level called Stagefright that comes built-in with software-based codecs for several popular media formats. Stagefright features for audio and video playback include integration with OpenMAX codecs, session management, time-synchronized rendering, transport control, and DRM.