CVE-2016-5340

HIGH

Android < 7.0 and Linux Kernel 3.0-3.19.8 - Improper Input Validation in ashmem File Handling

Title source: llm
STIX 2.1

Description

The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name.

References (5)

Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/92374
Third Party Advisory x_refsource_confirm
http://source.android.com/security/bulletin/2016-10-01.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1036763

Scores

CVSS v3 7.8
EPSS 0.0030
EPSS Percentile 22.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-20
Status published
Products (2)
google/android < 7.0
linux/linux_kernel 3.0 - 3.19.8
Published Aug 07, 2016
Tracked Since Feb 18, 2026