CVE-2016-0805

HIGH

Android <4.4.4, <5.1.1 LMY49G, <2016-02-01 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-0805. PoCs published by codecat007.

AI-analyzed exploit summary The PoC demonstrates CVE-2016-0805, a local privilege escalation vulnerability in the Android kernel's perf_event subsystem. It triggers a crash by opening a perf_event with a specific raw event type (0x21001) that leads to an out-of-bounds access.

Description

The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25773204.

Exploits (1)

github WORKING POC 8 stars
by codecat007 · cpoc
https://github.com/codecat007/cvehub/tree/main/android/kernel/CVE-2016-0805

The PoC demonstrates CVE-2016-0805, a local privilege escalation vulnerability in the Android kernel's perf_event subsystem. It triggers a crash by opening a perf_event with a specific raw event type (0x21001) that leads to an out-of-bounds access.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: Android kernel (affected versions include msm-shamu-3.10-marshmallow)
No auth needed
Prerequisites: Access to the target Android device
devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (1)

Core 1
Core References

Scores

CVSS v3 8.4
EPSS 0.0009
EPSS Percentile 25.5%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-264
Status published
Products (24)
google/android 4.0
google/android 4.0.1
google/android 4.0.2
google/android 4.0.3
google/android 4.0.4
google/android 4.1
google/android 4.1.2
google/android 4.2
google/android 4.2.1
google/android 4.2.2
... and 14 more
Published Feb 07, 2016
Tracked Since Feb 18, 2026