CVE-2016-5862 Information

Description

When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM Firefox OS for MSM or QRD Android the type casting is done to the container structure instead of the codec’s individual structure resulting in a device restart after kernel crash occurs.

CVSS Vector

CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Reference

http://www.securityfocus.com/bid/98194 https://source.android.com/security/bulletin/2017-05-01 https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=4199451e83729a3add781eeafaee32994ff65b04

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.0