CVE-2016-5340 — Vulnetix

Try Vulnetix Request Demo

CVE-2016-5340 REJECTED

The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name.

EPSS 0.03% · 9.6th percentile

Risk Scores

EPSS Score

0.03%

9.6th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:14.04:LTS	linux-azure	0

Timeline

Aug 7, 2016 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Dec 14, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
May 19, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2016-5340 third-party-advisory
https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=06e51489061e5473b4e2035c79dcf7c27a6f75a6 third-party-advisory
https://www.codeaurora.org/invalid-path-check-ashmem-memory-file-cve-2016-5340 third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2016-5340 third-party-advisory

Open in Interactive Console →