Improper input validation in Linux kernel - CVE-2016-5340
Published: August 8, 2016 / Updated: August 10, 2024
Vulnerability identifier: #VU95703
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear
CVE-ID: CVE-2016-5340
CWE-ID: CWE-20
Exploitation vector: Local access
Exploit availability:
Public exploit is available
Vendor: Linux Foundation
Affected software:
Linux kernel
Linux kernel
Detailed vulnerability description
The vulnerability allows a local user to execute arbitrary code.
The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name.
How to mitigate CVE-2016-5340
Install update from vendor's repository.
Sources
- http://source.android.com/security/bulletin/2016-10-01.html
- http://www.securityfocus.com/bid/92374
- http://www.securitytracker.com/id/1036763
- https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=06e51489061e5473b4e2035c79dcf7c27a6f75a6
- https://www.codeaurora.org/invalid-path-check-ashmem-memory-file-cve-2016-5340