In RtpPacket::decodePacket, there is a possible out of bounds access due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
{ "spl": "2026-06-05", "types": [ "EoP" ], "severity": "High" }
"https://storage.googleapis.com/android-osv/PUB-A-476459432.json"