CVE-2016-2067

Severity CVSS v4.0:
Pending analysis
Type:
CWE-269 Improper Privilege Management
Publication date:
11/07/2016
Last modified:
12/04/2025

Description

drivers/gpu/msm/kgsl.c in the MSM graphics driver (aka GPU driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, mishandles the KGSL_MEMFLAGS_GPUREADONLY flag, which allows attackers to gain privileges by leveraging accidental read-write mappings, aka Qualcomm internal bug CR988993.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:google:android:*:*:*:*:*:*:*:* 6.0.1 (including)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 3.0 (including) 3.19.8 (including)