Allwinner · Allwinner 3.4 Legacy Kernel · CVE-2016-10225
**Name of the Vulnerable Software and Affected Versions**
Allwinner 3.4 legacy kernel for H3, A83T and H8 devices
**Description**
The issue allows local users to gain root privileges. This is achieved by sending "rootmydevice" to the /proc/sunxi debug/sunxi debug API endpoint.
**Recommendations**
For Allwinner 3.4 legacy kernel for H3, A83T and H8 devices, consider restricting access to the /proc/sunxi debug/sunxi debug endpoint to prevent exploitation.