CVE-2016-2474

HIGH

Qualcomm Wi-Fi driver - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-2474. PoCs published by ScottyBauer.

AI-analyzed exploit summary This PoC exploits a buffer overflow in the Qualcomm Wi-Fi driver (CVE-2016-2474) by sending a maliciously crafted IOCTL request to the 'wlan0' interface. The exploit fills a buffer with excessive data to trigger the vulnerability, potentially leading to local privilege escalation.

Description

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 27424603.

Exploits (1)

github WORKING POC 682 stars

by ScottyBauer · cpoc

https://github.com/ScottyBauer/Android_Kernel_CVE_POCs/tree/master/CVE-2016-2474.c

View Code ZIP pw:eip

This PoC exploits a buffer overflow in the Qualcomm Wi-Fi driver (CVE-2016-2474) by sending a maliciously crafted IOCTL request to the 'wlan0' interface. The exploit fills a buffer with excessive data to trigger the vulnerability, potentially leading to local privilege escalation.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Qualcomm Wi-Fi driver (qcacld-2.0)

No auth needed

Prerequisites: Access to the 'wlan0' interface · Kernel with vulnerable Qualcomm Wi-Fi driver

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1548 - Abuse Elevation Control Mechanism

devstral-2 · analyzed Feb 27, 2026 Full analysis →

References (1)

Core 1

Core References

Patch, Vendor Advisory x_refsource_confirm

http://source.android.com/security/bulletin/2016-06-01.html

Scores

CVSS v3 7.8

EPSS 0.0050

EPSS Percentile 38.8%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

Status published

Products (1)

google/android < 6.0.1

Published Jun 13, 2016

Tracked Since Feb 18, 2026