PT-2016-1722 · Google · Android

Chengjia4574

Published

2016-04-18

Updated

2016-04-20

CVE-2016-2410

CVSS v3.1

7.4

High

Vector

AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Android versions prior to 2016-04-01

Description The issue is related to a video kernel driver component by Qualcomm in the Android operating system, which has insufficient access control. This can be exploited by a local attacker using a specially crafted application to elevate their privileges.

Recommendations For Android versions prior to 2016-04-01, consider restricting access to the vulnerable video kernel driver as a temporary workaround until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

BDU:2016-01048

CVE-2016-2410

Affected Products

Android

PT-2016-1722 · Google · Android

CVE-2016-2410

Weakness Enumeration

Related Identifiers

Affected Products

References · 7