← back
CVE-2016-5340

CVE-2016-5340

EPSS 0.3%
The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://source.android.com/security/bulletin/2016-10-01.htmlhttps://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=06e51489061e5473b4e2035c79dcf7c27a6f75a6https://www.codeaurora.org/invalid-path-check-ashmem-memory-file-cve-2016-5340http://www.securityfocus.com/bid/92374http://www.securitytracker.com/id/1036763