Back to all categorys

Elevation of privilege vulnerability in Qualcomm GPU driver

CVE-2016-8434

(json)

• CVE numbers: CVE-2016-8434 [Bulletin-CVE-2016-8434]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm GPU driver
• Details: An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32125137. References: QC-CR#1081855. [NIST-CVE-2016-8434]
• Discovered by: on: Unknown
• Reported on: 2017-01-01 [Bulletin-CVE-2016-8434]
• Fixed on: 2015-02-27 [QC-CR#1081855]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8434]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26

CVE-2016-2067

(json)

• CVE numbers: CVE-2016-2067 [Bulletin-CVE-2016-2067]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm GPU driver
• Details: drivers/gpu/msm/kgsl.c in the MSM graphics driver (aka GPU driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, mishandles the KGSL_MEMFLAGS_GPUREADONLY flag, which allows attackers to gain privileges by leveraging accidental read-write mappings, aka Qualcomm internal bug CR988993. [NIST-CVE-2016-2067]
• Discovered by: on: Unknown
• Reported on: 2016-07-01 [Bulletin-CVE-2016-2067]
• Fixed on: 2016-03-17 [QC-CR988993]
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2067]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-2503

(json)

• CVE numbers: CVE-2016-2503 [Bulletin-CVE-2016-2503]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm GPU driver
• Details: The Qualcomm GPU driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28084795 and Qualcomm internal bug CR1006067. [NIST-CVE-2016-2503]
• Discovered by: on: Unknown
• Reported on: 2016-07-01 [Bulletin-CVE-2016-2503]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2503]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-2504

(json)

• CVE numbers: CVE-2016-2504 [Bulletin-CVE-2016-2504]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm GPU driver
• Details: The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28026365 and Qualcomm internal bug CR1002974. [NIST-CVE-2016-2504]
• Discovered by: on: Unknown
• Reported on: 2016-08-01 [Bulletin-CVE-2016-2504]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-2504]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-3842

(json)

• CVE numbers: CVE-2016-3842 [Bulletin-CVE-2016-3842]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm GPU driver
• Details: The Qualcomm GPU driver in Android before 2016-08-05 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28377352 and Qualcomm internal bug CR1002974. [NIST-CVE-2016-3842]
• Discovered by: on: Unknown
• Reported on: 2016-08-01 [Bulletin-CVE-2016-3842]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-3842]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-29

CVE-2016-8479

(json)

• CVE numbers: CVE-2016-8479 [Bulletin-CVE-2016-8479]
• Coordinated disclosure?: unknown
• Categories: Elevation of privilege vulnerability in Qualcomm GPU driver
• Details: An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31824853. References: QC-CR#1093687. [NIST-CVE-2016-8479]
• Discovered by: Yuan-Tsung Lo of C0RE Team [Discovery-CVE-2016-8479] on: Unknown
• Reported on: 2017-03-01 [Bulletin-CVE-2016-8479]
• Fixed on: Unknown
• Fix released on: Unknown
• Affected versions: regex:
• Affected devices:
• Affected manufacturers: Qualcomm [Bulletin-CVE-2016-8479]
• Fixed versions:
• Submission: by: Daniel Carter, on: 2019-07-26