PT-2016-1722 · Google · Android

Chengjia4574

+4

·

Publicado

2016-04-18

·

Atualizado

2016-04-20

·

CVE-2016-2410

CVSS v3.1

7.4

Alta

VetorAV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Android versions prior to 2016-04-01
Description The issue is related to a video kernel driver component by Qualcomm in the Android operating system, which has insufficient access control. This can be exploited by a local attacker using a specially crafted application to elevate their privileges.
Recommendations For Android versions prior to 2016-04-01, consider restricting access to the vulnerable video kernel driver as a temporary workaround until a patch is available.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

BDU:2016-01048
CVE-2016-2410

Produtos afetados

Android