CVE-2016-4038

Name of the Vulnerable Software and Affected Versions Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset

Description The issue is related to an array index error in the msm sensor config function. This error can be triggered by local users via the gpio config.gpio name value, potentially leading to unspecified impact.

Recommendations For Samsung devices with Android KK(4.4) or L and an APQ8084, MSM8974, or MSM8974pro chipset, consider restricting access to the msm sensor config function until a patch is available. As a temporary workaround, avoid using the gpio config.gpio name value in sensitive operations to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.