CVE-2016-0805

HIGH

Android <4.4.4, <5.1.1 LMY49G, <2016-02-01 - Privilege Escalation

Title source: llm

Description

The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25773204.

Exploits (2)

github WORKING POC 8 stars

by codecat007 · cpoc

https://github.com/codecat007/cvehub/tree/main/android/kernel/CVE-2016-0805

View Code ZIP pw:eip

nomisec

by hulovebin · poc

https://github.com/hulovebin/cve-2016-0805

View on nomisec

References (1)

[Vendor Advisory] http://source.android.com/security/bulletin/2016-02-01.html

Scores

CVSS v3 8.4

EPSS 0.0009

EPSS Percentile 25.1%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-264

Status published

Products (24)

google/android 4.0

google/android 4.0.1

google/android 4.0.2

google/android 4.0.3

google/android 4.0.4

google/android 4.1

google/android 4.1.2

google/android 4.2

google/android 4.2.1

google/android 4.2.2

... and 14 more

Published Feb 07, 2016

Tracked Since Feb 18, 2026