Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2016-AVI-326
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Google Android (Nexus). Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Toutes les versions d'Android
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eToutes les versions d\u0027Android\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-5342",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5342"
},
{
"name": "CVE-2016-2059",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2059"
},
{
"name": "CVE-2016-6688",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6688"
},
{
"name": "CVE-2016-3916",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3916"
},
{
"name": "CVE-2016-6685",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6685"
},
{
"name": "CVE-2016-3902",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3902"
},
{
"name": "CVE-2016-3923",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3923"
},
{
"name": "CVE-2016-5348",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5348"
},
{
"name": "CVE-2016-6694",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6694"
},
{
"name": "CVE-2016-6683",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6683"
},
{
"name": "CVE-2016-3926",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3926"
},
{
"name": "CVE-2016-3920",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3920"
},
{
"name": "CVE-2015-8951",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8951"
},
{
"name": "CVE-2016-5340",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5340"
},
{
"name": "CVE-2016-3927",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3927"
},
{
"name": "CVE-2016-6682",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6682"
},
{
"name": "CVE-2015-8950",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8950"
},
{
"name": "CVE-2016-3929",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3929"
},
{
"name": "CVE-2015-0572",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0572"
},
{
"name": "CVE-2016-6695",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6695"
},
{
"name": "CVE-2016-3934",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3934"
},
{
"name": "CVE-2016-3925",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3925"
},
{
"name": "CVE-2016-6679",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6679"
},
{
"name": "CVE-2016-0758",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-0758"
},
{
"name": "CVE-2016-5696",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5696"
},
{
"name": "CVE-2016-3936",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3936"
},
{
"name": "CVE-2016-6678",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6678"
},
{
"name": "CVE-2016-3900",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3900"
},
{
"name": "CVE-2016-3901",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3901"
},
{
"name": "CVE-2016-3882",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3882"
},
{
"name": "CVE-2016-3932",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3932"
},
{
"name": "CVE-2016-6691",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6691"
},
{
"name": "CVE-2016-3917",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3917"
},
{
"name": "CVE-2016-3931",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3931"
},
{
"name": "CVE-2016-6684",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6684"
},
{
"name": "CVE-2016-3922",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3922"
},
{
"name": "CVE-2016-3938",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3938"
},
{
"name": "CVE-2015-8956",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8956"
},
{
"name": "CVE-2016-3908",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3908"
},
{
"name": "CVE-2016-3940",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3940"
},
{
"name": "CVE-2016-5344",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5344"
},
{
"name": "CVE-2016-3921",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3921"
},
{
"name": "CVE-2016-3939",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3939"
},
{
"name": "CVE-2015-8955",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8955"
},
{
"name": "CVE-2016-3918",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3918"
},
{
"name": "CVE-2016-3910",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3910"
},
{
"name": "CVE-2016-3915",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3915"
},
{
"name": "CVE-2016-3905",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3905"
},
{
"name": "CVE-2016-6696",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6696"
},
{
"name": "CVE-2016-3913",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3913"
},
{
"name": "CVE-2016-5343",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5343"
},
{
"name": "CVE-2016-6674",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6674"
},
{
"name": "CVE-2016-6673",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6673"
},
{
"name": "CVE-2016-6677",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6677"
},
{
"name": "CVE-2016-3909",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3909"
},
{
"name": "CVE-2016-6680",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6680"
},
{
"name": "CVE-2016-6687",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6687"
},
{
"name": "CVE-2016-6692",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6692"
},
{
"name": "CVE-2016-6672",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6672"
},
{
"name": "CVE-2016-7117",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7117"
},
{
"name": "CVE-2016-3912",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3912"
},
{
"name": "CVE-2016-6676",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6676"
},
{
"name": "CVE-2016-3930",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3930"
},
{
"name": "CVE-2016-3903",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3903"
},
{
"name": "CVE-2016-3860",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3860"
},
{
"name": "CVE-2016-3935",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3935"
},
{
"name": "CVE-2016-6693",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6693"
},
{
"name": "CVE-2016-3911",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3911"
},
{
"name": "CVE-2016-3933",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3933"
},
{
"name": "CVE-2016-3914",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3914"
},
{
"name": "CVE-2016-3928",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3928"
},
{
"name": "CVE-2016-6675",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6675"
},
{
"name": "CVE-2016-6689",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6689"
},
{
"name": "CVE-2016-6686",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6686"
},
{
"name": "CVE-2016-3924",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3924"
},
{
"name": "CVE-2016-6690",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6690"
},
{
"name": "CVE-2016-3937",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3937"
}
],
"links": [],
"reference": "CERTFR-2016-AVI-326",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-10-04T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eGoogle Android (Nexus)\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android (Nexus)",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Android du 03 octobre 2016",
"url": "https://source.android.com/security/bulletin/2016-10-01.html"
}
]
}
CVE-2015-0572 (GCVE-0-2015-0572)
Vulnerability from cvelistv5 – Published: 2016-10-10 10:00 – Updated: 2024-08-06 04:17
VLAI?
EPSS
Summary
Multiple race conditions in drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c in the ADSPRPC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (zero-value write) or possibly have unspecified other impact via a COMPAT_FASTRPC_IOCTL_INVOKE_FD ioctl call.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://source.codeaurora.org/quic/la/kernel/msm/… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/93312 | vdb-entryx_refsource_BID |
| https://www.codeaurora.org/race-condition-leading… | x_refsource_CONFIRM |
| http://source.android.com/security/bulletin/2016-… | x_refsource_CONFIRM |
| https://source.codeaurora.org/quic/la/kernel/msm-… | x_refsource_CONFIRM |
Date Public ?
2016-10-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:17:32.066Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=8fb32c3a8147b82e2bb159b3f70d803c9e68899b"
},
{
"name": "93312",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93312"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.codeaurora.org/race-condition-leading-arbitrary-null-write-adsp-using-ioctl-compatfastrpcioctlinvokefd-cve-2015"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=34ad3d34fbff11b8e1210b9da0dac937fb956b61"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple race conditions in drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c in the ADSPRPC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (zero-value write) or possibly have unspecified other impact via a COMPAT_FASTRPC_IOCTL_INVOKE_FD ioctl call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=8fb32c3a8147b82e2bb159b3f70d803c9e68899b"
},
{
"name": "93312",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93312"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.codeaurora.org/race-condition-leading-arbitrary-null-write-adsp-using-ioctl-compatfastrpcioctlinvokefd-cve-2015"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=34ad3d34fbff11b8e1210b9da0dac937fb956b61"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-0572",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple race conditions in drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c in the ADSPRPC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (zero-value write) or possibly have unspecified other impact via a COMPAT_FASTRPC_IOCTL_INVOKE_FD ioctl call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=8fb32c3a8147b82e2bb159b3f70d803c9e68899b",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=8fb32c3a8147b82e2bb159b3f70d803c9e68899b"
},
{
"name": "93312",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93312"
},
{
"name": "https://www.codeaurora.org/race-condition-leading-arbitrary-null-write-adsp-using-ioctl-compatfastrpcioctlinvokefd-cve-2015",
"refsource": "CONFIRM",
"url": "https://www.codeaurora.org/race-condition-leading-arbitrary-null-write-adsp-using-ioctl-compatfastrpcioctlinvokefd-cve-2015"
},
{
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=34ad3d34fbff11b8e1210b9da0dac937fb956b61",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=34ad3d34fbff11b8e1210b9da0dac937fb956b61"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-0572",
"datePublished": "2016-10-10T10:00:00.000Z",
"dateReserved": "2015-01-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T04:17:32.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8950 (GCVE-0-2015-8950)
Vulnerability from cvelistv5 – Published: 2016-10-10 10:00 – Updated: 2024-08-06 08:36
VLAI?
EPSS
Summary
arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| https://source.codeaurora.org/quic/la/kernel/msm-… | x_refsource_CONFIRM |
| https://github.com/torvalds/linux/commit/6829e274… | x_refsource_CONFIRM |
| http://source.android.com/security/bulletin/2016-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/93318 | vdb-entryx_refsource_BID |
| http://www.kernel.org/pub/linux/kernel/v4.x/Chang… | x_refsource_CONFIRM |
| http://git.kernel.org/cgit/linux/kernel/git/torva… | x_refsource_CONFIRM |
Date Public ?
2015-05-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:30.390Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/6829e274a623187c24f7cfc0e3d35f25d087fcc5"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "93318",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93318"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/6829e274a623187c24f7cfc0e3d35f25d087fcc5"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "93318",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93318"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2015-8950",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "arch/arm64/mm/dma-mapping.c in the Linux kernel before 4.0.3, as used in the ION subsystem in Android and other products, does not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory by triggering a dma_mmap call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=6e2c437a2d0a85d90d3db85a7471f99764f7bbf8"
},
{
"name": "https://github.com/torvalds/linux/commit/6829e274a623187c24f7cfc0e3d35f25d087fcc5",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/6829e274a623187c24f7cfc0e3d35f25d087fcc5"
},
{
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "93318",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93318"
},
{
"name": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3",
"refsource": "CONFIRM",
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.3"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6829e274a623187c24f7cfc0e3d35f25d087fcc5"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2015-8950",
"datePublished": "2016-10-10T10:00:00.000Z",
"dateReserved": "2016-08-11T00:00:00.000Z",
"dateUpdated": "2024-08-06T08:36:30.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8951 (GCVE-0-2015-8951)
Vulnerability from cvelistv5 – Published: 2016-10-10 10:00 – Updated: 2024-08-06 08:36
VLAI?
EPSS
Summary
Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 30142668 and Qualcomm internal bug CR 948902.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://source.android.com/security/bulletin/2016-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/93317 | vdb-entryx_refsource_BID |
| https://source.codeaurora.org/quic/la/kernel/msm-… | x_refsource_CONFIRM |
Date Public ?
2016-10-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:31.652Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "93317",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93317"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=ccff36b07bfc49efc77b9f1b55ed2bf0900b1d5b"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 30142668 and Qualcomm internal bug CR 948902."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "93317",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93317"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=ccff36b07bfc49efc77b9f1b55ed2bf0900b1d5b"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2015-8951",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple use-after-free vulnerabilities in sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 30142668 and Qualcomm internal bug CR 948902."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "93317",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93317"
},
{
"name": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=ccff36b07bfc49efc77b9f1b55ed2bf0900b1d5b",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=ccff36b07bfc49efc77b9f1b55ed2bf0900b1d5b"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2015-8951",
"datePublished": "2016-10-10T10:00:00.000Z",
"dateReserved": "2016-08-15T00:00:00.000Z",
"dateUpdated": "2024-08-06T08:36:31.652Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8955 (GCVE-0-2015-8955)
Vulnerability from cvelistv5 – Published: 2016-10-10 10:00 – Updated: 2024-08-06 08:36
VLAI?
EPSS
Summary
arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multiple HW PMUs.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://github.com/torvalds/linux/commit/8fff105e… | x_refsource_CONFIRM |
| http://source.android.com/security/bulletin/2016-… | x_refsource_CONFIRM |
| http://git.kernel.org/cgit/linux/kernel/git/torva… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/93314 | vdb-entryx_refsource_BID |
Date Public ?
2015-03-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:30.864Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/8fff105e13041e49b82f92eef034f363a6b1c071"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8fff105e13041e49b82f92eef034f363a6b1c071"
},
{
"name": "93314",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93314"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multiple HW PMUs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/8fff105e13041e49b82f92eef034f363a6b1c071"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8fff105e13041e49b82f92eef034f363a6b1c071"
},
{
"name": "93314",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93314"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2015-8955",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "arch/arm64/kernel/perf_event.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service (invalid pointer dereference) via vectors involving events that are mishandled during a span of multiple HW PMUs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/8fff105e13041e49b82f92eef034f363a6b1c071",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/8fff105e13041e49b82f92eef034f363a6b1c071"
},
{
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8fff105e13041e49b82f92eef034f363a6b1c071",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8fff105e13041e49b82f92eef034f363a6b1c071"
},
{
"name": "93314",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93314"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2015-8955",
"datePublished": "2016-10-10T10:00:00.000Z",
"dateReserved": "2016-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T08:36:30.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2015-8956 (GCVE-0-2015-8956)
Vulnerability from cvelistv5 – Published: 2016-10-10 10:00 – Updated: 2024-08-06 08:36
VLAI?
EPSS
Summary
The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
6 references
| URL | Tags |
|---|---|
| http://source.android.com/security/bulletin/2016-… | x_refsource_CONFIRM |
| http://rhn.redhat.com/errata/RHSA-2016-2584.html | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2016-2574.html | vendor-advisoryx_refsource_REDHAT |
| http://git.kernel.org/cgit/linux/kernel/git/torva… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/93326 | vdb-entryx_refsource_BID |
| https://github.com/torvalds/linux/commit/951b6a07… | x_refsource_CONFIRM |
Date Public ?
2015-05-06 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:36:31.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "RHSA-2016:2584",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
},
{
"name": "RHSA-2016:2574",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=951b6a0717db97ce420547222647bcc40bf1eacd"
},
{
"name": "93326",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93326"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/951b6a0717db97ce420547222647bcc40bf1eacd"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-05-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "RHSA-2016:2584",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
},
{
"name": "RHSA-2016:2574",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=951b6a0717db97ce420547222647bcc40bf1eacd"
},
{
"name": "93326",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93326"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/951b6a0717db97ce420547222647bcc40bf1eacd"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2015-8956",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "RHSA-2016:2584",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2584.html"
},
{
"name": "RHSA-2016:2574",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-2574.html"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=951b6a0717db97ce420547222647bcc40bf1eacd",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=951b6a0717db97ce420547222647bcc40bf1eacd"
},
{
"name": "93326",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93326"
},
{
"name": "https://github.com/torvalds/linux/commit/951b6a0717db97ce420547222647bcc40bf1eacd",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/951b6a0717db97ce420547222647bcc40bf1eacd"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2015-8956",
"datePublished": "2016-10-10T10:00:00.000Z",
"dateReserved": "2016-08-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T08:36:31.038Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-0758 (GCVE-0-2016-0758)
Vulnerability from cvelistv5 – Published: 2016-06-27 10:00 – Updated: 2024-08-05 22:30
VLAI?
EPSS
Summary
Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
33 references
Date Public ?
2016-02-01 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:30:04.558Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-2979-4",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2979-4"
},
{
"name": "SUSE-SU-2016:1690",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"name": "SUSE-SU-2016:2010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html"
},
{
"name": "SUSE-SU-2016:2011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html"
},
{
"name": "SUSE-SU-2016:2003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa"
},
{
"name": "SUSE-SU-2016:1994",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html"
},
{
"name": "RHSA-2016:1055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1055.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name": "SUSE-SU-2016:1961",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html"
},
{
"name": "SUSE-SU-2016:2001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html"
},
{
"name": "SUSE-SU-2016:1985",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"name": "openSUSE-SU-2016:2184",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"name": "SUSE-SU-2016:2006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "[oss-security] 20160513 CVE-2016-0758 - Linux kernel - Flaw in ASN.1 DER decoder for x509 certificate DER files.",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/12/9"
},
{
"name": "SUSE-SU-2016:2014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html"
},
{
"name": "RHSA-2016:1033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1033.html"
},
{
"name": "openSUSE-SU-2016:1641",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1300257"
},
{
"name": "SUSE-SU-2016:1672",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
},
{
"name": "RHSA-2016:1051",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1051.html"
},
{
"name": "SUSE-SU-2016:2009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html"
},
{
"name": "SUSE-SU-2016:2005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html"
},
{
"name": "SUSE-SU-2016:2007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html"
},
{
"name": "90626",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90626"
},
{
"name": "SUSE-SU-2016:2000",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html"
},
{
"name": "SUSE-SU-2016:1995",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html"
},
{
"name": "SUSE-SU-2016:2105",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"name": "SUSE-SU-2016:2002",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html"
},
{
"name": "HPSBHF3548",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158555"
},
{
"name": "SUSE-SU-2016:1937",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-02-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T20:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "USN-2979-4",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2979-4"
},
{
"name": "SUSE-SU-2016:1690",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"
},
{
"name": "SUSE-SU-2016:2010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html"
},
{
"name": "SUSE-SU-2016:2011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html"
},
{
"name": "SUSE-SU-2016:2003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/23c8a812dc3c621009e4f0e5342aa4e2ede1ceaa"
},
{
"name": "SUSE-SU-2016:1994",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html"
},
{
"name": "RHSA-2016:1055",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1055.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
},
{
"name": "SUSE-SU-2016:1961",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html"
},
{
"name": "SUSE-SU-2016:2001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html"
},
{
"name": "SUSE-SU-2016:1985",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"name": "openSUSE-SU-2016:2184",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"name": "SUSE-SU-2016:2006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "[oss-security] 20160513 CVE-2016-0758 - Linux kernel - Flaw in ASN.1 DER decoder for x509 certificate DER files.",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/05/12/9"
},
{
"name": "SUSE-SU-2016:2014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html"
},
{
"name": "RHSA-2016:1033",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1033.html"
},
{
"name": "openSUSE-SU-2016:1641",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1300257"
},
{
"name": "SUSE-SU-2016:1672",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"
},
{
"name": "RHSA-2016:1051",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1051.html"
},
{
"name": "SUSE-SU-2016:2009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html"
},
{
"name": "SUSE-SU-2016:2005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html"
},
{
"name": "SUSE-SU-2016:2007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html"
},
{
"name": "90626",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90626"
},
{
"name": "SUSE-SU-2016:2000",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html"
},
{
"name": "SUSE-SU-2016:1995",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html"
},
{
"name": "SUSE-SU-2016:2105",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"name": "SUSE-SU-2016:2002",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html"
},
{
"name": "HPSBHF3548",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "https://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05158555"
},
{
"name": "SUSE-SU-2016:1937",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-0758",
"datePublished": "2016-06-27T10:00:00.000Z",
"dateReserved": "2015-12-16T00:00:00.000Z",
"dateUpdated": "2024-08-05T22:30:04.558Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-2059 (GCVE-0-2016-2059)
Vulnerability from cvelistv5 – Published: 2016-05-05 21:00 – Updated: 2024-08-05 23:17
VLAI?
EPSS
Summary
The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify that a port is a client port, which allows attackers to gain privileges or cause a denial of service (race condition and list corruption) by making many BIND_CONTROL_PORT ioctl calls.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
5 references
| URL | Tags |
|---|---|
| https://www.codeaurora.org/projects/security-advi… | x_refsource_CONFIRM |
| http://www.securitytracker.com/id/1035765 | vdb-entryx_refsource_SECTRACK |
| http://source.android.com/security/bulletin/2016-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/90230 | vdb-entryx_refsource_BID |
| https://us.codeaurora.org/cgit/quic/la/kernel/msm… | x_refsource_CONFIRM |
Date Public ?
2016-04-29 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:17:50.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.codeaurora.org/projects/security-advisories/linux-ipc-router-binding-any-port-control-port-cve-2016-2059"
},
{
"name": "1035765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1035765"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "90230",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/90230"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=9e8bdd63f7011dff5523ea435433834b3702398d"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-04-29T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify that a port is a client port, which allows attackers to gain privileges or cause a denial of service (race condition and list corruption) by making many BIND_CONTROL_PORT ioctl calls."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-29T16:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.codeaurora.org/projects/security-advisories/linux-ipc-router-binding-any-port-control-port-cve-2016-2059"
},
{
"name": "1035765",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1035765"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "90230",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/90230"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=9e8bdd63f7011dff5523ea435433834b3702398d"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2059",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify that a port is a client port, which allows attackers to gain privileges or cause a denial of service (race condition and list corruption) by making many BIND_CONTROL_PORT ioctl calls."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.codeaurora.org/projects/security-advisories/linux-ipc-router-binding-any-port-control-port-cve-2016-2059",
"refsource": "CONFIRM",
"url": "https://www.codeaurora.org/projects/security-advisories/linux-ipc-router-binding-any-port-control-port-cve-2016-2059"
},
{
"name": "1035765",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1035765"
},
{
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "90230",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/90230"
},
{
"name": "https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=9e8bdd63f7011dff5523ea435433834b3702398d",
"refsource": "CONFIRM",
"url": "https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=9e8bdd63f7011dff5523ea435433834b3702398d"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2059",
"datePublished": "2016-05-05T21:00:00.000Z",
"dateReserved": "2016-01-25T00:00:00.000Z",
"dateUpdated": "2024-08-05T23:17:50.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3860 (GCVE-0-2016-3860)
Vulnerability from cvelistv5 – Published: 2016-10-10 10:00 – Updated: 2024-08-06 00:10
VLAI?
EPSS
Summary
sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29323142 and Qualcomm internal bug CR 1038127.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://source.codeaurora.org/quic/la/kernel/msm-… | x_refsource_CONFIRM |
| http://source.android.com/security/bulletin/2016-… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/93320 | vdb-entryx_refsource_BID |
Date Public ?
2016-10-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:10:31.302Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/sound/soc/msm/qdsp6v2/?id=528976f54be246ec93a71ac53aa4faf3e3791c48"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "93320",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93320"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29323142 and Qualcomm internal bug CR 1038127."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/sound/soc/msm/qdsp6v2/?id=528976f54be246ec93a71ac53aa4faf3e3791c48"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "93320",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93320"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-3860",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29323142 and Qualcomm internal bug CR 1038127."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/sound/soc/msm/qdsp6v2/?id=528976f54be246ec93a71ac53aa4faf3e3791c48",
"refsource": "CONFIRM",
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/sound/soc/msm/qdsp6v2/?id=528976f54be246ec93a71ac53aa4faf3e3791c48"
},
{
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "93320",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93320"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2016-3860",
"datePublished": "2016-10-10T10:00:00.000Z",
"dateReserved": "2016-03-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:10:31.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3882 (GCVE-0-2016-3882)
Vulnerability from cvelistv5 – Published: 2016-10-10 10:00 – Updated: 2024-08-06 00:10
VLAI?
EPSS
Summary
Off-by-one error in server/wifi/anqp/VenueNameElement.java in Wi-Fi in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (reboot) via an access point that provides a crafted (1) Venue Group or (2) Venue Type value, aka internal bug 29464811.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/93295 | vdb-entryx_refsource_BID |
| http://source.android.com/security/bulletin/2016-… | x_refsource_CONFIRM |
| https://android.googlesource.com/platform/framewo… | x_refsource_CONFIRM |
Date Public ?
2016-10-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:10:31.332Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "93295",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93295"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/35a86eef3c0eef760f7e61c52a343327ba601630"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in server/wifi/anqp/VenueNameElement.java in Wi-Fi in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (reboot) via an access point that provides a crafted (1) Venue Group or (2) Venue Type value, aka internal bug 29464811."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"name": "93295",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93295"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/35a86eef3c0eef760f7e61c52a343327ba601630"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-3882",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Off-by-one error in server/wifi/anqp/VenueNameElement.java in Wi-Fi in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 allows remote attackers to cause a denial of service (reboot) via an access point that provides a crafted (1) Venue Group or (2) Venue Type value, aka internal bug 29464811."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "93295",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93295"
},
{
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/35a86eef3c0eef760f7e61c52a343327ba601630",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/frameworks/opt/net/wifi/+/35a86eef3c0eef760f7e61c52a343327ba601630"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2016-3882",
"datePublished": "2016-10-10T10:00:00.000Z",
"dateReserved": "2016-03-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:10:31.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-3900 (GCVE-0-2016-3900)
Vulnerability from cvelistv5 – Published: 2016-10-10 10:00 – Updated: 2024-08-06 00:10
VLAI?
EPSS
Summary
cmds/servicemanager/service_manager.c in ServiceManager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not properly restrict service registration, which allows attackers to gain privileges via a crafted application, aka internal bug 29431260.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://android.googlesource.com/platform/framewo… | x_refsource_CONFIRM |
| http://source.android.com/security/bulletin/2016-… | x_refsource_CONFIRM |
| https://android.googlesource.com/platform/framewo… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/93291 | vdb-entryx_refsource_BID |
Date Public ?
2016-10-03 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:10:31.821Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://android.googlesource.com/platform/frameworks/native/+/047eec456943dc082e33220d28abb7df4e089f69"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://android.googlesource.com/platform/frameworks/native/+/d3c6ce463ac91ecbeb2128beb475d31d3ca6ef42"
},
{
"name": "93291",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93291"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "cmds/servicemanager/service_manager.c in ServiceManager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not properly restrict service registration, which allows attackers to gain privileges via a crafted application, aka internal bug 29431260."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-11-25T19:57:01.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://android.googlesource.com/platform/frameworks/native/+/047eec456943dc082e33220d28abb7df4e089f69"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://android.googlesource.com/platform/frameworks/native/+/d3c6ce463ac91ecbeb2128beb475d31d3ca6ef42"
},
{
"name": "93291",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93291"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-3900",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "cmds/servicemanager/service_manager.c in ServiceManager in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, 6.x before 2016-10-01, and 7.0 before 2016-10-01 does not properly restrict service registration, which allows attackers to gain privileges via a crafted application, aka internal bug 29431260."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://android.googlesource.com/platform/frameworks/native/+/047eec456943dc082e33220d28abb7df4e089f69",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/frameworks/native/+/047eec456943dc082e33220d28abb7df4e089f69"
},
{
"name": "http://source.android.com/security/bulletin/2016-10-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-10-01.html"
},
{
"name": "https://android.googlesource.com/platform/frameworks/native/+/d3c6ce463ac91ecbeb2128beb475d31d3ca6ef42",
"refsource": "CONFIRM",
"url": "https://android.googlesource.com/platform/frameworks/native/+/d3c6ce463ac91ecbeb2128beb475d31d3ca6ef42"
},
{
"name": "93291",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93291"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2016-3900",
"datePublished": "2016-10-10T10:00:00.000Z",
"dateReserved": "2016-03-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:10:31.821Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…