The Qualcomm SPCom driver in Android before 7.0 allows local users to execute arbitrary code within the context of the kernel via a crafted application, aka Android internal bug 34386529 and Qualcomm internal bug CR#1094140.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Android | 7.0 (including) | 7.0 (including) | |
| Linux-armadaxp | Ubuntu | precise | * |
| Linux-flo | Ubuntu | trusty | * |
| Linux-flo | Ubuntu | vivid/stable-phone-overlay | * |
| Linux-flo | Ubuntu | xenial | * |
| Linux-flo | Ubuntu | yakkety | * |
| Linux-goldfish | Ubuntu | trusty | * |
| Linux-grouper | Ubuntu | trusty | * |
| Linux-linaro-omap | Ubuntu | precise | * |
| Linux-linaro-shared | Ubuntu | precise | * |
| Linux-linaro-vexpress | Ubuntu | precise | * |
| Linux-lts-quantal | Ubuntu | precise | * |
| Linux-lts-quantal | Ubuntu | precise/esm | * |
| Linux-lts-raring | Ubuntu | precise | * |
| Linux-lts-raring | Ubuntu | precise/esm | * |
| Linux-lts-saucy | Ubuntu | precise | * |
| Linux-lts-saucy | Ubuntu | precise/esm | * |
| Linux-lts-utopic | Ubuntu | trusty | * |
| Linux-lts-wily | Ubuntu | trusty | * |
| Linux-maguro | Ubuntu | trusty | * |
| Linux-mako | Ubuntu | trusty | * |
| Linux-mako | Ubuntu | vivid/stable-phone-overlay | * |
| Linux-mako | Ubuntu | xenial | * |
| Linux-mako | Ubuntu | yakkety | * |
| Linux-manta | Ubuntu | trusty | * |
| Linux-qcm-msm | Ubuntu | precise | * |
| Linux-raspi2 | Ubuntu | vivid/ubuntu-core | * |
| Linux-ti-omap4 | Ubuntu | precise | * |