CVE Vulnerabilities

CVE-2016-3904

Published: Nov 25, 2016 | Modified: Nov 28, 2016
CVSS 3.x
7.8
HIGH
Source:
NVD
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CVSS 2.x
6.8 MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

An elevation of privilege vulnerability in the Qualcomm bus driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30311977. References: Qualcomm QC-CR#1050455.

Affected Software

Name Vendor Start Version End Version
Android Google * 7.0 (including)
Linux-flo Ubuntu esm-apps/xenial *
Linux-flo Ubuntu trusty *
Linux-flo Ubuntu vivid/stable-phone-overlay *
Linux-flo Ubuntu xenial *
Linux-flo Ubuntu yakkety *
Linux-goldfish Ubuntu trusty *
Linux-grouper Ubuntu trusty *
Linux-linaro-omap Ubuntu precise *
Linux-linaro-shared Ubuntu precise *
Linux-linaro-vexpress Ubuntu precise *
Linux-lts-quantal Ubuntu precise *
Linux-lts-quantal Ubuntu precise/esm *
Linux-lts-raring Ubuntu precise *
Linux-lts-raring Ubuntu precise/esm *
Linux-lts-saucy Ubuntu precise *
Linux-lts-saucy Ubuntu precise/esm *
Linux-lts-utopic Ubuntu trusty *
Linux-lts-wily Ubuntu trusty *
Linux-maguro Ubuntu trusty *
Linux-mako Ubuntu esm-apps/xenial *
Linux-mako Ubuntu trusty *
Linux-mako Ubuntu vivid/stable-phone-overlay *
Linux-mako Ubuntu xenial *
Linux-mako Ubuntu yakkety *
Linux-manta Ubuntu trusty *
Linux-qcm-msm Ubuntu precise *
Linux-raspi2 Ubuntu vivid/ubuntu-core *

References