CVE-2016-2065

Name of the Vulnerable Software and Affected Versions Linux kernel versions 3.x

Description The issue is related to the sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c file in the MSM QDSP6 audio driver for the Linux kernel. It involves reading data beyond a specified buffer, which can be exploited by an attacker to cause a denial of service or potentially have other impacts, such as out-of-bounds writing and memory corruption. This can be achieved through a specially crafted application that makes an ioctl call, triggering the incorrect use of a parameters pointer, specifically the parameters pointer.

Recommendations For Linux kernel version 3.x, consider restricting access to the vulnerable ioctl call until a patch is available. As a temporary workaround, avoid using the parameters pointer in the affected ioctl call to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.