In Android before the 2018-05-05 security patch level, NVIDIA Media Server contains an out-of-bounds read (due to improper input validation) vulnerability which could lead to local information. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
Google
Nvidia
Information Disclosure
Buffer Overflow
Android
NVD
CVSS 3.0
3.3
EPSS
0.1%