CVE-2016-5870

Name of the Vulnerable Software and Affected Versions Linux kernel versions 3.x

Description The issue is related to the msm ipc router close function in the ipc router component, which can cause a denial of service (NULL pointer dereference) or possibly have other unspecified impacts. This can be triggered by failure of an accept system call for an AF MSM IPC socket. The vulnerability can be exploited by a local attacker to cause a denial of service or other unspecified effects.

Recommendations For Linux kernel version 3.x, consider disabling the msm ipc router close function as a temporary workaround until a patch is available. Restrict access to the AF MSM IPC socket to minimize the risk of exploitation. Avoid using the accept system call for AF MSM IPC sockets until the issue is resolved.