CVE Vulnerabilities

CVE-2016-3798

Published: Jul 11, 2016 | Modified: Jul 12, 2016
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The MediaTek hardware sensor driver in Android before 2016-07-05 on Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28174490 and MediaTek internal bug ALPS02703105.

Affected Software

Name Vendor Start Version End Version
Android Google * 6.0.1
Linux-flo Ubuntu trusty *
Linux-flo Ubuntu vivid/stable-phone-overlay *
Linux-flo Ubuntu wily *
Linux-flo Ubuntu xenial *
Linux-flo Ubuntu yakkety *
Linux-goldfish Ubuntu trusty *
Linux-goldfish Ubuntu wily *
Linux-goldfish Ubuntu xenial *
Linux-goldfish Ubuntu yakkety *
Linux-goldfish Ubuntu zesty *
Linux-grouper Ubuntu trusty *
Linux-linaro-omap Ubuntu precise *
Linux-linaro-shared Ubuntu precise *
Linux-linaro-vexpress Ubuntu precise *
Linux-lts-quantal Ubuntu precise *
Linux-lts-raring Ubuntu precise *
Linux-lts-saucy Ubuntu precise *
Linux-maguro Ubuntu trusty *
Linux-mako Ubuntu trusty *
Linux-mako Ubuntu vivid/stable-phone-overlay *
Linux-mako Ubuntu wily *
Linux-mako Ubuntu xenial *
Linux-mako Ubuntu yakkety *
Linux-manta Ubuntu trusty *
Linux-manta Ubuntu wily *
Linux-qcm-msm Ubuntu precise *

References