CVE-2016-2062

Name of the Vulnerable Software and Affected Versions Linux kernel versions 3.x

Description The issue is related to the adreno perfcounter query group function in the Adreno GPU driver, which uses an incorrect integer data type. This can be exploited by attackers to cause a denial of service, including integer overflow, heap-based buffer overflow, and incorrect memory allocation, via a crafted IOCTL KGSL PERFCOUNTER QUERY ioctl call.

Recommendations For Linux kernel version 3.x, consider disabling the adreno perfcounter query group function as a temporary workaround until a patch is available. Restrict access to the IOCTL KGSL PERFCOUNTER QUERY ioctl call to minimize the risk of exploitation.