Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-3857 (GCVE-0-2016-3857)
Vulnerability from cvelistv5 – Published: 2016-08-05 20:00 – Updated: 2024-08-06 00:10- n/a
| URL | Tags |
|---|---|
| http://source.android.com/security/bulletin/2016-… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:10:31.166Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-08-01T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-08-05T19:57:01.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-3857",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-08-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2016-3857",
"datePublished": "2016-08-05T20:00:00.000Z",
"dateReserved": "2016-03-30T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:10:31.166Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2016-3857",
"date": "2026-07-14",
"epss": "0.00582",
"percentile": "0.43773"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"6.0.1\", \"matchCriteriaId\": \"2567A6D5-BBA1-47B2-B1C3-EFABE9408FA9\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518.\"}, {\"lang\": \"es\", \"value\": \"El kernel en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 7 (2013) permite a atacantes obtener privilegios a trav\\u00e9s de una aplicaci\\u00f3n manipulada, tambi\\u00e9n conocido como error interno 28522518.\"}]",
"id": "CVE-2016-3857",
"lastModified": "2024-11-21T02:50:48.357",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
"published": "2016-08-05T20:59:45.967",
"references": "[{\"url\": \"http://source.android.com/security/bulletin/2016-08-01.html\", \"source\": \"security@android.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://source.android.com/security/bulletin/2016-08-01.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-264\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-3857\",\"sourceIdentifier\":\"security@android.com\",\"published\":\"2016-08-05T20:59:45.967\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518.\"},{\"lang\":\"es\",\"value\":\"El kernel en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 7 (2013) permite a atacantes obtener privilegios a trav\u00e9s de una aplicaci\u00f3n manipulada, tambi\u00e9n conocido como error interno 28522518.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-264\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"6.0.1\",\"matchCriteriaId\":\"2567A6D5-BBA1-47B2-B1C3-EFABE9408FA9\"}]}]}],\"references\":[{\"url\":\"http://source.android.com/security/bulletin/2016-08-01.html\",\"source\":\"security@android.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://source.android.com/security/bulletin/2016-08-01.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
"redhat_vex": {
"aggregate_severity": "Important",
"current_release_date": "2025-11-21T12:00:41+00:00",
"cve": "CVE-2016-3857",
"id": "CVE-2016-3857",
"initial_release_date": "2016-08-05T00:00:00+00:00",
"product_status:known_not_affected": "55",
"source": "Red Hat CSAF VEX",
"status": "final",
"title": "kernel: privilege escalation in sys_oabi_*() in arm kernel",
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2016/cve-2016-3857.json",
"version": "3"
}
}
}
CERTFR-2016-AVI-257
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Google Android (Nexus). Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Google Android (Nexus) toutes versions n'intégrant pas le correctif de sécurité du 1 août 2016
| Vendor | Product | Description |
|---|
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eGoogle Android (Nexus) toutes versions n\u0027int\u00e9grant pas le correctif de s\u00e9curit\u00e9 du 1 ao\u00fbt 2016\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-3820",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3820"
},
{
"name": "CVE-2015-8942",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8942"
},
{
"name": "CVE-2014-9903",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9903"
},
{
"name": "CVE-2014-9863",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9863"
},
{
"name": "CVE-2015-8938",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8938"
},
{
"name": "CVE-2014-9898",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9898"
},
{
"name": "CVE-2016-2544",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2544"
},
{
"name": "CVE-2016-3823",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3823"
},
{
"name": "CVE-2016-4578",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4578"
},
{
"name": "CVE-2014-9864",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9864"
},
{
"name": "CVE-2016-3832",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3832"
},
{
"name": "CVE-2014-9896",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9896"
},
{
"name": "CVE-2014-9877",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9877"
},
{
"name": "CVE-2014-9866",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9866"
},
{
"name": "CVE-2016-3819",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3819"
},
{
"name": "CVE-2016-3839",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3839"
},
{
"name": "CVE-2016-3836",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3836"
},
{
"name": "CVE-2014-9902",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9902"
},
{
"name": "CVE-2014-9893",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9893"
},
{
"name": "CVE-2015-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8941"
},
{
"name": "CVE-2016-3842",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3842"
},
{
"name": "CVE-2015-8944",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8944"
},
{
"name": "CVE-2016-3847",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3847"
},
{
"name": "CVE-2014-9887",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9887"
},
{
"name": "CVE-2014-9874",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9874"
},
{
"name": "CVE-2014-9884",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9884"
},
{
"name": "CVE-2016-3857",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3857"
},
{
"name": "CVE-2016-3844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3844"
},
{
"name": "CVE-2014-9868",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9868"
},
{
"name": "CVE-2014-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9904"
},
{
"name": "CVE-2014-9897",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9897"
},
{
"name": "CVE-2015-8937",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8937"
},
{
"name": "CVE-2016-3834",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3834"
},
{
"name": "CVE-2014-9895",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9895"
},
{
"name": "CVE-2014-9886",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9886"
},
{
"name": "CVE-2014-9894",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9894"
},
{
"name": "CVE-2016-3837",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3837"
},
{
"name": "CVE-2014-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9900"
},
{
"name": "CVE-2015-2686",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2686"
},
{
"name": "CVE-2014-9882",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9882"
},
{
"name": "CVE-2014-9880",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9880"
},
{
"name": "CVE-2016-3830",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3830"
},
{
"name": "CVE-2014-9869",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9869"
},
{
"name": "CVE-2015-1593",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1593"
},
{
"name": "CVE-2014-9876",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9876"
},
{
"name": "CVE-2014-9867",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9867"
},
{
"name": "CVE-2016-3843",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3843"
},
{
"name": "CVE-2014-9892",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9892"
},
{
"name": "CVE-2012-6701",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6701"
},
{
"name": "CVE-2014-9872",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9872"
},
{
"name": "CVE-2016-3840",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3840"
},
{
"name": "CVE-2016-3841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3841"
},
{
"name": "CVE-2016-3826",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3826"
},
{
"name": "CVE-2014-9885",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9885"
},
{
"name": "CVE-2016-3846",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3846"
},
{
"name": "CVE-2016-4569",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4569"
},
{
"name": "CVE-2014-9871",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9871"
},
{
"name": "CVE-2014-9891",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9891"
},
{
"name": "CVE-2016-3856",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3856"
},
{
"name": "CVE-2016-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3821"
},
{
"name": "CVE-2014-9881",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9881"
},
{
"name": "CVE-2016-3851",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3851"
},
{
"name": "CVE-2014-9875",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9875"
},
{
"name": "CVE-2016-3829",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3829"
},
{
"name": "CVE-2014-9890",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9890"
},
{
"name": "CVE-2015-8943",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8943"
},
{
"name": "CVE-2016-3831",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3831"
},
{
"name": "CVE-2014-9899",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9899"
},
{
"name": "CVE-2016-2504",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2504"
},
{
"name": "CVE-2015-8939",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8939"
},
{
"name": "CVE-2014-9889",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9889"
},
{
"name": "CVE-2016-3833",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3833"
},
{
"name": "CVE-2016-3672",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3672"
},
{
"name": "CVE-2016-3854",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3854"
},
{
"name": "CVE-2014-9901",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9901"
},
{
"name": "CVE-2016-3825",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3825"
},
{
"name": "CVE-2016-4482",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4482"
},
{
"name": "CVE-2014-9878",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9878"
},
{
"name": "CVE-2016-3852",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3852"
},
{
"name": "CVE-2016-3849",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3849"
},
{
"name": "CVE-2016-2497",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2497"
},
{
"name": "CVE-2014-9883",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9883"
},
{
"name": "CVE-2014-9873",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9873"
},
{
"name": "CVE-2014-9865",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9865"
},
{
"name": "CVE-2016-3822",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3822"
},
{
"name": "CVE-2015-8940",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8940"
},
{
"name": "CVE-2016-2842",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2842"
},
{
"name": "CVE-2016-3835",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3835"
},
{
"name": "CVE-2014-9888",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9888"
},
{
"name": "CVE-2016-2546",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2546"
},
{
"name": "CVE-2016-3845",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3845"
},
{
"name": "CVE-2016-3828",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3828"
},
{
"name": "CVE-2016-3838",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3838"
},
{
"name": "CVE-2016-3850",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3850"
},
{
"name": "CVE-2014-9879",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9879"
},
{
"name": "CVE-2016-3827",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3827"
},
{
"name": "CVE-2016-3855",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3855"
},
{
"name": "CVE-2016-3824",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3824"
},
{
"name": "CVE-2014-9870",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9870"
},
{
"name": "CVE-2016-3853",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3853"
},
{
"name": "CVE-2016-3848",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3848"
}
],
"links": [],
"reference": "CERTFR-2016-AVI-257",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-08-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eGoogle Android (Nexus)\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android (Nexus)",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Android du 01 ao\u00fbt 2016",
"url": "https://source.android.com/security/bulletin/2016-08-01.html"
}
]
}
CERTFR-2016-AVI-315
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
None| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 16.04 LTS s\u0027ex\u00e9cutant sur Raspberry Pi 2",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 12.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 16.04 LTS s\u0027ex\u00e9cutant sur un processeur Qualcomm Snapdragon",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-8767",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8767"
},
{
"name": "CVE-2016-6136",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6136"
},
{
"name": "CVE-2016-6156",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6156"
},
{
"name": "CVE-2016-3857",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3857"
},
{
"name": "CVE-2016-5412",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5412"
},
{
"name": "CVE-2016-3841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3841"
}
],
"links": [],
"reference": "CERTFR-2016-AVI-315",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-09-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3082-2 du 19 septembre 2016",
"url": "http://www.ubuntu.com/usn/usn-3082-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3082-1 du 19 septembre 2016",
"url": "http://www.ubuntu.com/usn/usn-3082-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3084-4 du 19 septembre 2016",
"url": "http://www.ubuntu.com/usn/usn-3084-4/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3083-2 du 19 septembre 2016",
"url": "http://www.ubuntu.com/usn/usn-3083-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3084-3 du 19 septembre 2016",
"url": "http://www.ubuntu.com/usn/usn-3084-3/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3084-2 du 19 septembre 2016",
"url": "http://www.ubuntu.com/usn/usn-3084-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3083-1 du 19 septembre 2016",
"url": "http://www.ubuntu.com/usn/usn-3083-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3084-1 du 19 septembre 2016",
"url": "http://www.ubuntu.com/usn/usn-3084-1/"
}
]
}
CERTFR-2016-AVI-257
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Google Android (Nexus). Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Google Android (Nexus) toutes versions n'intégrant pas le correctif de sécurité du 1 août 2016
| Vendor | Product | Description |
|---|
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eGoogle Android (Nexus) toutes versions n\u0027int\u00e9grant pas le correctif de s\u00e9curit\u00e9 du 1 ao\u00fbt 2016\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-3820",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3820"
},
{
"name": "CVE-2015-8942",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8942"
},
{
"name": "CVE-2014-9903",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9903"
},
{
"name": "CVE-2014-9863",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9863"
},
{
"name": "CVE-2015-8938",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8938"
},
{
"name": "CVE-2014-9898",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9898"
},
{
"name": "CVE-2016-2544",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2544"
},
{
"name": "CVE-2016-3823",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3823"
},
{
"name": "CVE-2016-4578",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4578"
},
{
"name": "CVE-2014-9864",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9864"
},
{
"name": "CVE-2016-3832",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3832"
},
{
"name": "CVE-2014-9896",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9896"
},
{
"name": "CVE-2014-9877",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9877"
},
{
"name": "CVE-2014-9866",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9866"
},
{
"name": "CVE-2016-3819",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3819"
},
{
"name": "CVE-2016-3839",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3839"
},
{
"name": "CVE-2016-3836",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3836"
},
{
"name": "CVE-2014-9902",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9902"
},
{
"name": "CVE-2014-9893",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9893"
},
{
"name": "CVE-2015-8941",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8941"
},
{
"name": "CVE-2016-3842",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3842"
},
{
"name": "CVE-2015-8944",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8944"
},
{
"name": "CVE-2016-3847",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3847"
},
{
"name": "CVE-2014-9887",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9887"
},
{
"name": "CVE-2014-9874",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9874"
},
{
"name": "CVE-2014-9884",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9884"
},
{
"name": "CVE-2016-3857",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3857"
},
{
"name": "CVE-2016-3844",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3844"
},
{
"name": "CVE-2014-9868",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9868"
},
{
"name": "CVE-2014-9904",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9904"
},
{
"name": "CVE-2014-9897",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9897"
},
{
"name": "CVE-2015-8937",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8937"
},
{
"name": "CVE-2016-3834",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3834"
},
{
"name": "CVE-2014-9895",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9895"
},
{
"name": "CVE-2014-9886",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9886"
},
{
"name": "CVE-2014-9894",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9894"
},
{
"name": "CVE-2016-3837",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3837"
},
{
"name": "CVE-2014-9900",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9900"
},
{
"name": "CVE-2015-2686",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2686"
},
{
"name": "CVE-2014-9882",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9882"
},
{
"name": "CVE-2014-9880",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9880"
},
{
"name": "CVE-2016-3830",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3830"
},
{
"name": "CVE-2014-9869",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9869"
},
{
"name": "CVE-2015-1593",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1593"
},
{
"name": "CVE-2014-9876",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9876"
},
{
"name": "CVE-2014-9867",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9867"
},
{
"name": "CVE-2016-3843",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3843"
},
{
"name": "CVE-2014-9892",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9892"
},
{
"name": "CVE-2012-6701",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6701"
},
{
"name": "CVE-2014-9872",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9872"
},
{
"name": "CVE-2016-3840",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3840"
},
{
"name": "CVE-2016-3841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3841"
},
{
"name": "CVE-2016-3826",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3826"
},
{
"name": "CVE-2014-9885",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9885"
},
{
"name": "CVE-2016-3846",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3846"
},
{
"name": "CVE-2016-4569",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4569"
},
{
"name": "CVE-2014-9871",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9871"
},
{
"name": "CVE-2014-9891",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9891"
},
{
"name": "CVE-2016-3856",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3856"
},
{
"name": "CVE-2016-3821",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3821"
},
{
"name": "CVE-2014-9881",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9881"
},
{
"name": "CVE-2016-3851",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3851"
},
{
"name": "CVE-2014-9875",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9875"
},
{
"name": "CVE-2016-3829",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3829"
},
{
"name": "CVE-2014-9890",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9890"
},
{
"name": "CVE-2015-8943",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8943"
},
{
"name": "CVE-2016-3831",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3831"
},
{
"name": "CVE-2014-9899",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9899"
},
{
"name": "CVE-2016-2504",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2504"
},
{
"name": "CVE-2015-8939",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8939"
},
{
"name": "CVE-2014-9889",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9889"
},
{
"name": "CVE-2016-3833",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3833"
},
{
"name": "CVE-2016-3672",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3672"
},
{
"name": "CVE-2016-3854",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3854"
},
{
"name": "CVE-2014-9901",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9901"
},
{
"name": "CVE-2016-3825",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3825"
},
{
"name": "CVE-2016-4482",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4482"
},
{
"name": "CVE-2014-9878",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9878"
},
{
"name": "CVE-2016-3852",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3852"
},
{
"name": "CVE-2016-3849",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3849"
},
{
"name": "CVE-2016-2497",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2497"
},
{
"name": "CVE-2014-9883",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9883"
},
{
"name": "CVE-2014-9873",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9873"
},
{
"name": "CVE-2014-9865",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9865"
},
{
"name": "CVE-2016-3822",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3822"
},
{
"name": "CVE-2015-8940",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8940"
},
{
"name": "CVE-2016-2842",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2842"
},
{
"name": "CVE-2016-3835",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3835"
},
{
"name": "CVE-2014-9888",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9888"
},
{
"name": "CVE-2016-2546",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2546"
},
{
"name": "CVE-2016-3845",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3845"
},
{
"name": "CVE-2016-3828",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3828"
},
{
"name": "CVE-2016-3838",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3838"
},
{
"name": "CVE-2016-3850",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3850"
},
{
"name": "CVE-2014-9879",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9879"
},
{
"name": "CVE-2016-3827",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3827"
},
{
"name": "CVE-2016-3855",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3855"
},
{
"name": "CVE-2016-3824",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3824"
},
{
"name": "CVE-2014-9870",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9870"
},
{
"name": "CVE-2016-3853",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3853"
},
{
"name": "CVE-2016-3848",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3848"
}
],
"links": [],
"reference": "CERTFR-2016-AVI-257",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-08-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eGoogle Android (Nexus)\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Android (Nexus)",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Android du 01 ao\u00fbt 2016",
"url": "https://source.android.com/security/bulletin/2016-08-01.html"
}
]
}
CERTFR-2016-AVI-315
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
None| Title | Publication Time | Tags | ||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 16.04 LTS s\u0027ex\u00e9cutant sur Raspberry Pi 2",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 12.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 16.04 LTS s\u0027ex\u00e9cutant sur un processeur Qualcomm Snapdragon",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-8767",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8767"
},
{
"name": "CVE-2016-6136",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6136"
},
{
"name": "CVE-2016-6156",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-6156"
},
{
"name": "CVE-2016-3857",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3857"
},
{
"name": "CVE-2016-5412",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5412"
},
{
"name": "CVE-2016-3841",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3841"
}
],
"links": [],
"reference": "CERTFR-2016-AVI-315",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2016-09-20T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux d\u0027Ubuntu\u003c/span\u003e. Elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice \u00e0 distance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3082-2 du 19 septembre 2016",
"url": "http://www.ubuntu.com/usn/usn-3082-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3082-1 du 19 septembre 2016",
"url": "http://www.ubuntu.com/usn/usn-3082-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3084-4 du 19 septembre 2016",
"url": "http://www.ubuntu.com/usn/usn-3084-4/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3083-2 du 19 septembre 2016",
"url": "http://www.ubuntu.com/usn/usn-3083-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3084-3 du 19 septembre 2016",
"url": "http://www.ubuntu.com/usn/usn-3084-3/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3084-2 du 19 septembre 2016",
"url": "http://www.ubuntu.com/usn/usn-3084-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3083-1 du 19 septembre 2016",
"url": "http://www.ubuntu.com/usn/usn-3083-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu usn-3084-1 du 19 septembre 2016",
"url": "http://www.ubuntu.com/usn/usn-3084-1/"
}
]
}
{
"CVSS 2.0": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"CVSS 3.0": null,
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Google Inc",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 2016-08-05 (Android)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttp://source.android.com/security/bulletin/2016-08-01.html",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "05.08.2016",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "23.08.2016",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2016-01927",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2016-3857",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Android",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Android, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f, \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c (CWE-264)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u044f\u0434\u0440\u0430 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Android \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u0440\u0430\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u043e\u0433\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://source.android.com/security/bulletin/2016-08-01.html",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-264",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0412\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 9,3)"
}
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: http://support.blackberry.com/kb/articleDetail?articleNumber=000038360
| Name | Google Android |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2016-3857"
}
},
"description": "Android\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u548c\u5f00\u653e\u624b\u6301\u8bbe\u5907\u8054\u76df\uff08\u7b80\u79f0OHA\uff09\u5171\u540c\u5f00\u53d1\u7684\u4e00\u5957\u4ee5Linux\u4e3a\u57fa\u7840\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edf\u3002Kernel File System\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5185\u6838\u6587\u4ef6\u7cfb\u7edf\u7ec4\u4ef6\u3002\r\n\r\nAndroid\u4e2d\u7684kernel\u4e2d\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u672c\u5730\u6076\u610f\u7684\u5e94\u7528\u7a0b\u5e8f\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5185\u6838\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
"discovererName": "Google",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a \r\nhttp://support.blackberry.com/kb/articleDetail?articleNumber=000038360",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2016-06090",
"openTime": "2016-08-05",
"patchDescription": "Android\u662f\u7f8e\u56fd\u8c37\u6b4c\uff08Google\uff09\u516c\u53f8\u548c\u5f00\u653e\u624b\u6301\u8bbe\u5907\u8054\u76df\uff08\u7b80\u79f0OHA\uff09\u5171\u540c\u5f00\u53d1\u7684\u4e00\u5957\u4ee5Linux\u4e3a\u57fa\u7840\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edf\u3002Kernel File System\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5185\u6838\u6587\u4ef6\u7cfb\u7edf\u7ec4\u4ef6\u3002\r\n\r\nAndroid\u4e2d\u7684kernel\u4e2d\u5b58\u5728\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u901a\u8fc7\u672c\u5730\u6076\u610f\u7684\u5e94\u7528\u7a0b\u5e8f\u5229\u7528\u8be5\u6f0f\u6d1e\u5728\u5185\u6838\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Android kernel\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2016-06090\uff09\u7684\u8865\u4e01",
"products": {
"product": "Google Android"
},
"referenceLink": "http://www.auscert.org.au/./render.html?it=37318",
"serverity": "\u9ad8",
"submitTime": "2016-08-04",
"title": "Android kernel\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2016-06090\uff09"
}
FKIE_CVE-2016-3857
Vulnerability from fkie_nvd - Published: 2016-08-05 20:59 - Updated: 2026-06-17 00:46| URL | Tags | ||
|---|---|---|---|
| security@android.com | http://source.android.com/security/bulletin/2016-08-01.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://source.android.com/security/bulletin/2016-08-01.html | Patch, Vendor Advisory |
{
"affected": [
{
"affectedData": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"source": "security@android.com"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2567A6D5-BBA1-47B2-B1C3-EFABE9408FA9",
"versionEndIncluding": "6.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518."
},
{
"lang": "es",
"value": "El kernel en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 7 (2013) permite a atacantes obtener privilegios a trav\u00e9s de una aplicaci\u00f3n manipulada, tambi\u00e9n conocido como error interno 28522518."
}
],
"id": "CVE-2016-3857",
"lastModified": "2026-06-17T00:46:27.773",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-08-05T20:59:45.967",
"references": [
{
"source": "security@android.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
}
],
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-VQP6-FQ4V-XHC9
Vulnerability from github – Published: 2022-05-17 03:50 – Updated: 2022-05-17 03:50The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518.
{
"affected": [],
"aliases": [
"CVE-2016-3857"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-08-05T20:59:00Z",
"severity": "HIGH"
},
"details": "The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518.",
"id": "GHSA-vqp6-fq4v-xhc9",
"modified": "2022-05-17T03:50:33Z",
"published": "2022-05-17T03:50:33Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-3857"
},
{
"type": "WEB",
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2016-3857
Vulnerability from gsd - Updated: 2023-12-13 01:21{
"GSD": {
"alias": "CVE-2016-3857",
"description": "The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518.",
"id": "GSD-2016-3857"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-3857"
],
"details": "The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518.",
"id": "GSD-2016-3857",
"modified": "2023-12-13T01:21:28.177741Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-3857",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-08-01.html",
"refsource": "CONFIRM",
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.0.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"ID": "CVE-2016-3857"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://source.android.com/security/bulletin/2016-08-01.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2016-08-10T15:33Z",
"publishedDate": "2016-08-05T20:59Z"
}
}
}
ubuntu-cve-2016-3857
Vulnerability from osv_ubuntu
The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518.
{
"affected": [
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "linux-aws-cloud-tools-4.4.0-1002",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-aws-cloud-tools-4.4.0-1002-dbgsym",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-aws-headers-4.4.0-1002",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-aws-tools-4.4.0-1002",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-aws-tools-4.4.0-1002-dbgsym",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-cloud-tools-4.4.0-1002-aws",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-headers-4.4.0-1002-aws",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-image-4.4.0-1002-aws",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-image-4.4.0-1002-aws-dbgsym",
"binary_version": "4.4.0-1002.2"
},
{
"binary_name": "linux-tools-4.4.0-1002-aws",
"binary_version": "4.4.0-1002.2"
}
]
},
"package": {
"ecosystem": "Ubuntu:14.04:LTS",
"name": "linux-aws",
"purl": "pkg:deb/ubuntu/linux-aws@4.4.0-1002.2?arch=source\u0026distro=trusty"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.4.0-1002.2"
}
],
"type": "ECOSYSTEM"
}
],
"versions": []
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "linux-aws-cloud-tools-4.4.0-1001",
"binary_version": "4.4.0-1001.10"
},
{
"binary_name": "linux-aws-cloud-tools-4.4.0-1001-dbgsym",
"binary_version": "4.4.0-1001.10"
},
{
"binary_name": "linux-aws-cloud-tools-common",
"binary_version": "4.4.0-1001.10"
},
{
"binary_name": "linux-aws-headers-4.4.0-1001",
"binary_version": "4.4.0-1001.10"
},
{
"binary_name": "linux-aws-source-4.4.0",
"binary_version": "4.4.0-1001.10"
},
{
"binary_name": "linux-aws-tools-4.4.0-1001",
"binary_version": "4.4.0-1001.10"
},
{
"binary_name": "linux-aws-tools-4.4.0-1001-dbgsym",
"binary_version": "4.4.0-1001.10"
},
{
"binary_name": "linux-aws-tools-common",
"binary_version": "4.4.0-1001.10"
},
{
"binary_name": "linux-cloud-tools-4.4.0-1001-aws",
"binary_version": "4.4.0-1001.10"
},
{
"binary_name": "linux-headers-4.4.0-1001-aws",
"binary_version": "4.4.0-1001.10"
},
{
"binary_name": "linux-image-4.4.0-1001-aws",
"binary_version": "4.4.0-1001.10"
},
{
"binary_name": "linux-image-4.4.0-1001-aws-dbgsym",
"binary_version": "4.4.0-1001.10"
},
{
"binary_name": "linux-image-extra-4.4.0-1001-aws",
"binary_version": "4.4.0-1001.10"
},
{
"binary_name": "linux-tools-4.4.0-1001-aws",
"binary_version": "4.4.0-1001.10"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "linux-aws",
"purl": "pkg:deb/ubuntu/linux-aws@4.4.0-1001.10?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.4.0-1001.10"
}
],
"type": "ECOSYSTEM"
}
],
"versions": []
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "linux-cloud-tools-4.4.0-1003-gke",
"binary_version": "4.4.0-1003.3"
},
{
"binary_name": "linux-gke-cloud-tools-4.4.0-1003",
"binary_version": "4.4.0-1003.3"
},
{
"binary_name": "linux-gke-cloud-tools-4.4.0-1003-dbgsym",
"binary_version": "4.4.0-1003.3"
},
{
"binary_name": "linux-gke-cloud-tools-common",
"binary_version": "4.4.0-1003.3"
},
{
"binary_name": "linux-gke-headers-4.4.0-1003",
"binary_version": "4.4.0-1003.3"
},
{
"binary_name": "linux-gke-source-4.4.0",
"binary_version": "4.4.0-1003.3"
},
{
"binary_name": "linux-gke-tools-4.4.0-1003",
"binary_version": "4.4.0-1003.3"
},
{
"binary_name": "linux-gke-tools-4.4.0-1003-dbgsym",
"binary_version": "4.4.0-1003.3"
},
{
"binary_name": "linux-gke-tools-common",
"binary_version": "4.4.0-1003.3"
},
{
"binary_name": "linux-headers-4.4.0-1003-gke",
"binary_version": "4.4.0-1003.3"
},
{
"binary_name": "linux-image-4.4.0-1003-gke",
"binary_version": "4.4.0-1003.3"
},
{
"binary_name": "linux-image-4.4.0-1003-gke-dbgsym",
"binary_version": "4.4.0-1003.3"
},
{
"binary_name": "linux-image-extra-4.4.0-1003-gke",
"binary_version": "4.4.0-1003.3"
},
{
"binary_name": "linux-tools-4.4.0-1003-gke",
"binary_version": "4.4.0-1003.3"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "linux-gke",
"purl": "pkg:deb/ubuntu/linux-gke@4.4.0-1003.3?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.4.0-1003.3"
}
],
"type": "ECOSYSTEM"
}
],
"versions": []
},
{
"ecosystem_specific": {
"availability": "No subscription required",
"binaries": [
{
"binary_name": "block-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "block-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "crypto-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "crypto-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "dasd-extra-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "dasd-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "fat-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "fat-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "fb-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "firewire-core-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "floppy-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "fs-core-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "fs-core-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "fs-secondary-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "fs-secondary-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "input-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "input-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "ipmi-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "ipmi-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "irda-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "irda-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "kernel-image-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "kernel-image-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-cloud-tools-4.8.0-36-generic",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-cloud-tools-4.8.0-36-lowlatency",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-headers-4.8.0-36",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-headers-4.8.0-36-generic",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-headers-4.8.0-36-generic-lpae",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-headers-4.8.0-36-lowlatency",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-hwe-cloud-tools-4.8.0-36",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-hwe-cloud-tools-4.8.0-36-dbgsym",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-hwe-tools-4.8.0-36",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-hwe-tools-4.8.0-36-dbgsym",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-hwe-udebs-generic",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-hwe-udebs-generic-lpae",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-image-4.8.0-36-generic",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-image-4.8.0-36-generic-dbgsym",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-image-4.8.0-36-generic-lpae",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-image-4.8.0-36-generic-lpae-dbgsym",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-image-4.8.0-36-lowlatency",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-image-4.8.0-36-lowlatency-dbgsym",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-image-extra-4.8.0-36-generic",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-source-4.8.0",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-tools-4.8.0-36-generic",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-tools-4.8.0-36-generic-lpae",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "linux-tools-4.8.0-36-lowlatency",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "md-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "md-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "message-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "mouse-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "mouse-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "multipath-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "multipath-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "nfs-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "nfs-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "nic-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "nic-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "nic-pcmcia-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "nic-shared-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "nic-shared-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "nic-usb-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "nic-usb-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "parport-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "parport-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "pata-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "pcmcia-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "pcmcia-storage-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "plip-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "plip-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "ppp-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "ppp-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "sata-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "sata-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "scsi-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "scsi-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "serial-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "storage-core-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "storage-core-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "usb-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "usb-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "virtio-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "vlan-modules-4.8.0-36-generic-di",
"binary_version": "4.8.0-36.36~16.04.1"
},
{
"binary_name": "vlan-modules-4.8.0-36-generic-lpae-di",
"binary_version": "4.8.0-36.36~16.04.1"
}
]
},
"package": {
"ecosystem": "Ubuntu:16.04:LTS",
"name": "linux-hwe",
"purl": "pkg:deb/ubuntu/linux-hwe@4.8.0-36.36~16.04.1?arch=source\u0026distro=xenial"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "4.8.0-36.36~16.04.1"
}
],
"type": "ECOSYSTEM"
}
],
"versions": []
}
],
"aliases": [],
"details": "The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518.",
"id": "UBUNTU-CVE-2016-3857",
"modified": "2025-07-16T04:51:16Z",
"published": "2016-08-05T00:00:00Z",
"references": [
{
"type": "REPORT",
"url": "https://ubuntu.com/security/CVE-2016-3857"
},
{
"type": "REPORT",
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-3082-2"
},
{
"type": "ADVISORY",
"url": "https://ubuntu.com/security/notices/USN-3082-1"
},
{
"type": "REPORT",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3857"
}
],
"related": [
"USN-3082-2",
"USN-3082-1"
],
"schema_version": "1.7.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"upstream": [
"CVE-2016-3857"
],
"withdrawn": "2025-07-18T16:43:29Z"
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.