CVE-2016-5862
Last modified
CVE-2016-5862 is a vulnerability of currently unknown severity. When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, the type casting is done to the container structure instead of the codec's individual structure, resulting in a device restart after kernel crash occurs.. EPSS estimates a 0.52% chance of exploitation in the next 30 days.
Description
When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, the type casting is done to the container structure instead of the codec's individual structure, resulting in a device restart after kernel crash occurs.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Android | All versions |
References
- http://www.securityfocus.com/bid/98194Third Party Advisory, VDB Entry
- https://source.android.com/security/bulletin/2017-05-01Patch, Vendor Advisory
- https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=4199451e83729a3add781eeafaee32994ff65b04Issue Tracking, Patch, Third Party Advisory
- http://www.securityfocus.com/bid/98194Third Party Advisory, VDB Entry
- https://source.android.com/security/bulletin/2017-05-01Patch, Vendor Advisory
- https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=4199451e83729a3add781eeafaee32994ff65b04Issue Tracking, Patch, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-5862?
How severe is CVE-2016-5862?
How do I fix CVE-2016-5862?
Are you affected by CVE-2016-5862?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST