Using Address Sanitizer, security researcher Sascha Just reported a buffer overflow in the libstagefright library due to issues with the handling of CENC offsets and the sizes table. This results in a potentially exploitable crash triggerable through web content.
Name: the Mozilla project
Upstream: Sascha Just
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 5
Via RHSA-2016:0695 https://rhn.redhat.com/errata/RHSA-2016-0695.html