VAR-201608-0172
Vulnerability from variot - Updated: 2023-12-18 11:05Android before 2016-08-05 does not properly restrict code execution in a kernel context, which allows attackers to gain privileges via a crafted application, as demonstrated by the kernel performance subsystem and the Qualcomm performance component, aka Android internal bugs 28086229 and 29119870 and Qualcomm internal bug CR1011071. GoogleNexus is a high-end mobile phone series powered by Google\342\200\231s original Android system. GoogleNexus has a privilege elevation vulnerability that could allow an attacker to execute arbitrary code using elevated kernel-wide permissions. Google Android is prone to multiple privilege escalation vulnerabilities. Attackers can exploit these issues to gain elevated privileges within the context of the affected application. These issues are being tracked by Android Bug IDs A-29119870 and A-28086229
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201608-0172",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "android",
"scope": "lte",
"trust": 1.0,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.9,
"vendor": "google",
"version": "6.0.1"
},
{
"model": "android",
"scope": "eq",
"trust": 0.8,
"vendor": "google",
"version": "2016-08-05"
},
{
"model": "nexus",
"scope": null,
"trust": 0.6,
"vendor": "google",
"version": null
},
{
"model": "nexus 6p",
"scope": null,
"trust": 0.6,
"vendor": "google",
"version": null
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.6,
"vendor": "google",
"version": "5x"
},
{
"model": "pixel c",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "nexus player",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "9"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "7"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6"
},
{
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "5"
},
{
"model": "android one",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "6.0"
},
{
"model": "android",
"scope": "eq",
"trust": 0.3,
"vendor": "google",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06076"
},
{
"db": "BID",
"id": "92237"
},
{
"db": "BID",
"id": "92250"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004253"
},
{
"db": "NVD",
"id": "CVE-2016-3843"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-029"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "6.0.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3843"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Wish Wu (@wish_wu) of Trend Micro Inc",
"sources": [
{
"db": "BID",
"id": "92237"
}
],
"trust": 0.3
},
"cve": "CVE-2016-3843",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 9.3,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2016-3843",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2016-06076",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Local",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 7.8,
"baseSeverity": "High",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-3843",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "Required",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-3843",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2016-06076",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201608-029",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2016-3843",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06076"
},
{
"db": "VULMON",
"id": "CVE-2016-3843"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004253"
},
{
"db": "NVD",
"id": "CVE-2016-3843"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-029"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Android before 2016-08-05 does not properly restrict code execution in a kernel context, which allows attackers to gain privileges via a crafted application, as demonstrated by the kernel performance subsystem and the Qualcomm performance component, aka Android internal bugs 28086229 and 29119870 and Qualcomm internal bug CR1011071. GoogleNexus is a high-end mobile phone series powered by Google\\342\\200\\231s original Android system. GoogleNexus has a privilege elevation vulnerability that could allow an attacker to execute arbitrary code using elevated kernel-wide permissions. Google Android is prone to multiple privilege escalation vulnerabilities. \nAttackers can exploit these issues to gain elevated privileges within the context of the affected application. \nThese issues are being tracked by Android Bug IDs A-29119870 and A-28086229",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-3843"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004253"
},
{
"db": "CNVD",
"id": "CNVD-2016-06076"
},
{
"db": "BID",
"id": "92237"
},
{
"db": "BID",
"id": "92250"
},
{
"db": "VULMON",
"id": "CVE-2016-3843"
}
],
"trust": 2.79
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-3843",
"trust": 3.7
},
{
"db": "BID",
"id": "92250",
"trust": 2.0
},
{
"db": "BID",
"id": "92237",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004253",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2016-06076",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2016.1866",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201608-029",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2016-3843",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06076"
},
{
"db": "VULMON",
"id": "CVE-2016-3843"
},
{
"db": "BID",
"id": "92237"
},
{
"db": "BID",
"id": "92250"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004253"
},
{
"db": "NVD",
"id": "CVE-2016-3843"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-029"
}
]
},
"id": "VAR-201608-0172",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06076"
}
],
"trust": 0.06
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06076"
}
]
},
"last_update_date": "2023-12-18T11:05:49.374000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Android Security Bulletin-August 2016",
"trust": 0.8,
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
},
{
"title": "Patch for GoogleNexus privilege escalation vulnerability",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/80123"
},
{
"title": "Android Kernel Performance Subsystem Repair measures for privilege escalation",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=63419"
},
{
"title": "Android Security Bulletins: Android Security Bulletin\u2014August 2016",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=1c52474e34daae48915f8b4129072a86"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06076"
},
{
"db": "VULMON",
"id": "CVE-2016-3843"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004253"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-029"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004253"
},
{
"db": "NVD",
"id": "CVE-2016-3843"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "http://source.android.com/security/bulletin/2016-08-01.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/92250"
},
{
"trust": 1.2,
"url": "http://www.securityfocus.com/bid/92237"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-3843"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-3843"
},
{
"trust": 0.6,
"url": "http://code.google.com/android/"
},
{
"trust": 0.6,
"url": "http://www.auscert.org.au/./render.html?it=37318"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2016-06076"
},
{
"db": "VULMON",
"id": "CVE-2016-3843"
},
{
"db": "BID",
"id": "92237"
},
{
"db": "BID",
"id": "92250"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004253"
},
{
"db": "NVD",
"id": "CVE-2016-3843"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-029"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2016-06076"
},
{
"db": "VULMON",
"id": "CVE-2016-3843"
},
{
"db": "BID",
"id": "92237"
},
{
"db": "BID",
"id": "92250"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-004253"
},
{
"db": "NVD",
"id": "CVE-2016-3843"
},
{
"db": "CNNVD",
"id": "CNNVD-201608-029"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-06076"
},
{
"date": "2016-08-05T00:00:00",
"db": "VULMON",
"id": "CVE-2016-3843"
},
{
"date": "2016-08-01T00:00:00",
"db": "BID",
"id": "92237"
},
{
"date": "2016-08-01T00:00:00",
"db": "BID",
"id": "92250"
},
{
"date": "2016-08-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004253"
},
{
"date": "2016-08-05T20:59:34",
"db": "NVD",
"id": "CVE-2016-3843"
},
{
"date": "2016-08-03T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-029"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-08-05T00:00:00",
"db": "CNVD",
"id": "CNVD-2016-06076"
},
{
"date": "2016-11-28T00:00:00",
"db": "VULMON",
"id": "CVE-2016-3843"
},
{
"date": "2016-08-01T00:00:00",
"db": "BID",
"id": "92237"
},
{
"date": "2016-08-01T00:00:00",
"db": "BID",
"id": "92250"
},
{
"date": "2016-08-12T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-004253"
},
{
"date": "2016-11-28T20:12:44.843000",
"db": "NVD",
"id": "CVE-2016-3843"
},
{
"date": "2016-08-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201608-029"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "92237"
},
{
"db": "BID",
"id": "92250"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Android Vulnerability gained in",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-004253"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Unknown",
"sources": [
{
"db": "BID",
"id": "92237"
},
{
"db": "BID",
"id": "92250"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…