CVE-2016-5340
HIGHAndroid < 7.0 and Linux Kernel 3.0-3.19.8 - Improper Input Validation in ashmem File Handling
Title source: llmDescription
The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name.
References (5)
Core 5
Core References
Broken Link x_refsource_confirm
https://www.codeaurora.org/invalid-path-check-ashmem-memory-file-cve-2016-5340
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/92374
Third Party Advisory x_refsource_confirm
http://source.android.com/security/bulletin/2016-10-01.html
Mailing List, Patch, Third Party Advisory x_refsource_confirm
https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=06e51489061e5473b4e2035c79dcf7c27a6f75a6
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1036763
Scores
CVSS v3
7.8
EPSS
0.0030
EPSS Percentile
22.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (2)
google/android
< 7.0
linux/linux_kernel
3.0 - 3.19.8
Published
Aug 07, 2016
Tracked Since
Feb 18, 2026