Elevation of Privilege Vulnerability in Qualcomm GPU Driver

CVE numbers: CVE-2016-2062 [Bulletin-CVE-2016-2062]
Coordinated disclosure?: unknown
Categories: Elevation of Privilege Vulnerability in Qualcomm GPU Driver
Details: The adreno_perfcounter_query_group function in drivers/gpu/msm/adreno_perfcounter.c in the Adreno GPU driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, uses an incorrect integer data type, which allows attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and incorrect memory allocation) or possibly have unspecified other impact via a crafted IOCTL_KGSL_PERFCOUNTER_QUERY ioctl call. [NIST-CVE-2016-2062]
Discovered by: on: Unknown
Reported on: 2016-06-01 [Bulletin-CVE-2016-2062]
Fixed on: Unknown
Fix released on: Unknown
Affected versions: regex:
Affected devices:
Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2062]
Fixed versions:
Submission: by: Daniel Carter, on: 2019-07-29

CVE numbers: CVE-2016-2468 [Bulletin-CVE-2016-2468]
Coordinated disclosure?: unknown
Categories: Elevation of Privilege Vulnerability in Qualcomm GPU Driver
Details: The Qualcomm GPU driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 devices allows attackers to gain privileges via a crafted application, aka internal bug 27475454. [NIST-CVE-2016-2468]
Discovered by: on: Unknown
Reported on: 2016-06-01 [Bulletin-CVE-2016-2468]
Fixed on: Unknown
Fix released on: Unknown
Affected versions: regex:
Affected devices:
Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2468]
Fixed versions:
Submission: by: Daniel Carter, on: 2019-07-29

AndroidVulnerabilities.org