CVE-2016-6692 - Vulnerability Details - OpenCVE

drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug CR 1004933.

No CVSS v4.0

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Google	Android

Configuration 1 [-]

cpe:2.3:o:google:android:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://source.android.com/security/bulletin/2016-10-01.html
http://www.securityfocus.com/bid/93330
https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=0f0e7047d39f9fb3a1a7f389918ff79cdb4a50b3

History

No history.

MITRE

Status: PUBLISHED

Assigner: google_android

Published: 2016-10-10T10:00:00

Updated: 2024-08-06T01:36:29.475Z

Reserved: 2016-08-11T00:00:00

Link: CVE-2016-6692

Vulnrichment

No data.

NVD

Status : Modified

Published: 2016-10-10T11:00:09.107

Modified: 2024-11-21T02:56:38.600

Link: CVE-2016-6692

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-10-05T00:00:00", "descriptions": [{"lang": "en", "value": "drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug CR 1004933."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-25T19:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android"}, "references": [{"name": "93330", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/93330"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=0f0e7047d39f9fb3a1a7f389918ff79cdb4a50b3"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://source.android.com/security/bulletin/2016-10-01.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@android.com", "ID": "CVE-2016-6692", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug CR 1004933."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "93330", "refsource": "BID", "url": "http://www.securityfocus.com/bid/93330"}, {"name": "https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=0f0e7047d39f9fb3a1a7f389918ff79cdb4a50b3", "refsource": "CONFIRM", "url": "https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=0f0e7047d39f9fb3a1a7f389918ff79cdb4a50b3"}, {"name": "http://source.android.com/security/bulletin/2016-10-01.html", "refsource": "CONFIRM", "url": "http://source.android.com/security/bulletin/2016-10-01.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T01:36:29.475Z"}, "title": "CVE Program Container", "references": [{"name": "93330", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/93330"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=0f0e7047d39f9fb3a1a7f389918ff79cdb4a50b3"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://source.android.com/security/bulletin/2016-10-01.html"}]}]}, "cveMetadata": {"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2016-6692", "datePublished": "2016-10-10T10:00:00", "dateReserved": "2016-08-11T00:00:00", "dateUpdated": "2024-08-06T01:36:29.475Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "matchCriteriaId": "595E33EF-6B21-425B-929C-6B883FA50081", "versionEndIncluding": "7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service (invalid pointer access) or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug CR 1004933."}, {"lang": "es", "value": "drivers/video/msm/mdss/mdss_mdp_pp.c en el controlador Qualcomm MDSS en Android en versiones anteriores a 2016-10-05 permite a atacantes provocar una denegaci\u00f3n de servicio (acceso a puntero no v\u00e1lido) o tener otro posible impacto no especificado a trav\u00e9s de vectores desconocidos, vulnerabilidad tambi\u00e9n conocida como error interno de Qualcomm CR 1004933."}], "id": "CVE-2016-6692", "lastModified": "2024-11-21T02:56:38.600", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-10-10T11:00:09.107", "references": [{"source": "security@android.com", "tags": ["Vendor Advisory"], "url": "http://source.android.com/security/bulletin/2016-10-01.html"}, {"source": "security@android.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/93330"}, {"source": "security@android.com", "tags": ["Issue Tracking", "Patch"], "url": "https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=0f0e7047d39f9fb3a1a7f389918ff79cdb4a50b3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://source.android.com/security/bulletin/2016-10-01.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/93330"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=0f0e7047d39f9fb3a1a7f389918ff79cdb4a50b3"}], "sourceIdentifier": "security@android.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}