CVE-2016-5346

Severity CVSS v4.0:
Pending analysis
Type:
CWE-200 Information Leak / Disclosure
Publication date:
08/01/2020
Last modified:
12/01/2020

Description

An Information Disclosure vulnerability exists in the Google Pixel/Pixel SL Qualcomm Avtimer Driver due to a NULL pointer dereference when processing an accept system call by the user process on AF_MSM_IPC sockets, which could let a local malicious user obtain sensitive information (Android Bug ID A-32551280).

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:google:android:*:*:*:*:*:*:*:* 7.0 (excluding)
cpe:2.3:h:google:pixel:-:*:*:*:*:*:*:*
cpe:2.3:h:google:pixel_xl:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:*:*:*:*:*:*:*:* 7.0 (excluding)