CVE-2016-2065

Published on: 08/07/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:15 PM UTC

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Certain versions of Linux Kernel from Linux contain the following vulnerability:

sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (out-of-bounds write and memory corruption) or possibly have unspecified other impact via a crafted application that makes an ioctl call triggering incorrect use of a parameters pointer.

  • CVE-2016-2065 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 7.8 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
LOCAL LOW NONE REQUIRED
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVSS2 Score: 6.8 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK MEDIUM NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL PARTIAL PARTIAL

CVE References

Description Tags Link
kernel/msm-3.18 - Unnamed repository Mailing List
Patch
Third Party Advisory
web.archive.org
text/html
Inactive LinkNot Archived
URL Logo CONFIRM us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=775fca8289eff931f91ff6e8c36cf2034ba59e88
Multiple Vulnerabilities In MSM QDSP6 Audio Driver Allow Kernel Memory Corruption (CVE-2016-2064, CVE-2016-2065, CVE-2016-2066) | Code Aurora Broken Link
web.archive.org
text/html
Inactive LinkNot Archived
URL Logo CONFIRM www.codeaurora.org/multiple-vulnerabilities-msm-qdsp6-audio-driver-allow-kernel-memory-corruption-cve-2016-2064-cve
Linux Kernel CVE-2016-2065 Local Memory Corruption Vulnerability Third Party Advisory
VDB Entry
cve.report (archive)
text/html
URL Logo BID 92376

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
Operating
System
LinuxLinux KernelAllAllAllAll
  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*: