CVE-2016-2501

HIGH

Android < 6.0.1 - Privilege Escalation via Qualcomm Camera Driver


Exploitation Summary

EIP tracks 1 public exploit for CVE-2016-2501. PoCs published by ScottyBauer.

AI-analyzed exploit summary: This PoC exploits a heap overflow vulnerability in the MSM camera actuator driver (CVE-2016-2501) by crafting malicious parameters to trigger an integer overflow and subsequent buffer overflow. The code demonstrates the vulnerability by setting up structures to bypass checks and manipulate the driver's behavior.

Description

The Qualcomm camera driver in Android before 2016-07-05 on Nexus 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 27890772 and Qualcomm internal bug CR1001092.

Exploits (1)

github WORKING POC 682 stars
by ScottyBauer · cpoc
https://github.com/ScottyBauer/Android_Kernel_CVE_POCs/tree/master/CVE-2016-2501.c

Classification: Working PoC 95%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: Android Kernel (MSM camera driver)
No auth needed
Prerequisites: Access to the target device's camera subsystem · Kernel with vulnerable MSM camera driver
devstral-2 · analyzed Feb 27, 2026

References (1)

Core References
Patch, Vendor Advisory x_refsource_confirm
http://source.android.com/security/bulletin/2016-07-01.html

Scores

CVSS v3 7.8
EPSS 0.0050
EPSS Percentile 38.8%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE: CWE-264
Status published
Products (1)
google/android < 6.0.1
Published Jul 11, 2016
Tracked Since Feb 18, 2026