var-201801-0049
Vulnerability from variot
Buffer overflow in the Qualcomm radio driver in Android before 2017-01-05 on Android One devices allows local users to gain privileges via a crafted application, aka Android internal bug 32639452 and Qualcomm internal bug CR1079713. Android Contains a buffer error vulnerability. This vulnerability Android ID: A-32639452 and Qualcomm QC-CR#1079713 It is published asInformation is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. GoogleAndroidOne is a smartphone from Google Inc. in the United States. Qualcomm is a device-specific Qualcomm component used by Qualcomm. An attacker could exploit this vulnerability to execute arbitrary code with elevated privileges in the context of the kernel. This issue is being tracked as Android ID A-32639452
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201801-0049",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "android",
"scope": "eq",
"trust": 1.6,
"vendor": "google",
"version": null
},
{
"model": "android one",
"scope": "eq",
"trust": 0.9,
"vendor": "google",
"version": "0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "2017-01-05"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00332"
},
{
"db": "BID",
"id": "95273"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008894"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-127"
},
{
"db": "NVD",
"id": "CVE-2016-5345"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:google:android",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008894"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported the issue.",
"sources": [
{
"db": "BID",
"id": "95273"
}
],
"trust": 0.3
},
"cve": "CVE-2016-5345",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 3.4,
"id": "CVE-2016-5345",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2017-00332",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.0,
"id": "CVE-2016-5345",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2016-5345",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2016-5345",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2017-00332",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201701-127",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2016-5345",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00332"
},
{
"db": "VULMON",
"id": "CVE-2016-5345"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008894"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-127"
},
{
"db": "NVD",
"id": "CVE-2016-5345"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in the Qualcomm radio driver in Android before 2017-01-05 on Android One devices allows local users to gain privileges via a crafted application, aka Android internal bug 32639452 and Qualcomm internal bug CR1079713. Android Contains a buffer error vulnerability. This vulnerability Android ID: A-32639452 and Qualcomm QC-CR#1079713 It is published asInformation is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. GoogleAndroidOne is a smartphone from Google Inc. in the United States. Qualcomm is a device-specific Qualcomm component used by Qualcomm. An attacker could exploit this vulnerability to execute arbitrary code with elevated privileges in the context of the kernel. \nThis issue is being tracked as Android ID A-32639452",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-5345"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008894"
},
{
"db": "CNVD",
"id": "CNVD-2017-00332"
},
{
"db": "BID",
"id": "95273"
},
{
"db": "VULMON",
"id": "CVE-2016-5345"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-5345",
"trust": 3.4
},
{
"db": "BID",
"id": "95273",
"trust": 2.6
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008894",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2017-00332",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201701-127",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2016-5345",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00332"
},
{
"db": "VULMON",
"id": "CVE-2016-5345"
},
{
"db": "BID",
"id": "95273"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008894"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-127"
},
{
"db": "NVD",
"id": "CVE-2016-5345"
}
]
},
"id": "VAR-201801-0049",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00332"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00332"
}
]
},
"last_update_date": "2024-11-23T22:42:00.319000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Android \u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306b\u95a2\u3059\u308b\u516c\u958b\u60c5\u5831 - 2017 \u5e74 1 \u6708",
"trust": 0.8,
"url": "https://source.android.com/security/bulletin/2017-01-01"
},
{
"title": "radio-iris: check argument values before copying the data",
"trust": 0.8,
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67118716a2933f6f30a25ea7e3946569a8b191c6"
},
{
"title": "Patch for GoogleAndroidOneQualcommRadioDriver privilege escalation vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/87809"
},
{
"title": "Google Android One Qualcomm radio Fixes for driver permission and access control vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=66862"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014January 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=e8654f311f23268a7da69416ca7535a2"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00332"
},
{
"db": "VULMON",
"id": "CVE-2016-5345"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008894"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-127"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008894"
},
{
"db": "NVD",
"id": "CVE-2016-5345"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://www.securityfocus.com/bid/95273"
},
{
"trust": 2.0,
"url": "https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67118716a2933f6f30a25ea7e3946569a8b191c6"
},
{
"trust": 1.8,
"url": "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5345"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-5345"
},
{
"trust": 0.3,
"url": "http://code.google.com/android/"
},
{
"trust": 0.3,
"url": "https://source.android.com/security/bulletin/2017-01-01.html "
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2017-00332"
},
{
"db": "VULMON",
"id": "CVE-2016-5345"
},
{
"db": "BID",
"id": "95273"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008894"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-127"
},
{
"db": "NVD",
"id": "CVE-2016-5345"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2017-00332"
},
{
"db": "VULMON",
"id": "CVE-2016-5345"
},
{
"db": "BID",
"id": "95273"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-008894"
},
{
"db": "CNNVD",
"id": "CNNVD-201701-127"
},
{
"db": "NVD",
"id": "CVE-2016-5345"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00332"
},
{
"date": "2018-01-23T00:00:00",
"db": "VULMON",
"id": "CVE-2016-5345"
},
{
"date": "2017-01-03T00:00:00",
"db": "BID",
"id": "95273"
},
{
"date": "2018-02-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008894"
},
{
"date": "2017-01-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-127"
},
{
"date": "2018-01-23T01:29:00.193000",
"db": "NVD",
"id": "CVE-2016-5345"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-01-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2017-00332"
},
{
"date": "2018-02-12T00:00:00",
"db": "VULMON",
"id": "CVE-2016-5345"
},
{
"date": "2017-01-12T01:09:00",
"db": "BID",
"id": "95273"
},
{
"date": "2018-02-27T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-008894"
},
{
"date": "2017-01-06T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201701-127"
},
{
"date": "2024-11-21T02:54:08.780000",
"db": "NVD",
"id": "CVE-2016-5345"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-127"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Android Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-008894"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201701-127"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…