var-201611-0132
Vulnerability from variot

An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30074605. References: Qualcomm QC-CR#1049826. GoogleNexus is a series of smart devices based on the Android operating system, including mobile phones and tablets. The smart device is powered by Google and licensed to partner hardware vendors for manufacturing. QualcommCameraDriver is one of the high-performance camera drivers. Google Nexus is prone to multiple privilege-escalation vulnerabilities. These issues are being tracked by Android Bug IDs A-30074605, A-30143904 and A-30559423

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201611-0132",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "android",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "google",
        "version": "7.0"
      },
      {
        "model": "android",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "google",
        "version": "7.1.0"
      },
      {
        "model": "android one",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "google",
        "version": "0"
      },
      {
        "model": "nexus 6p",
        "scope": null,
        "trust": 0.9,
        "vendor": "google",
        "version": null
      },
      {
        "model": "nexus",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "google",
        "version": "6"
      },
      {
        "model": "nexus",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "google",
        "version": "5x"
      },
      {
        "model": "pixel",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "google",
        "version": "0"
      },
      {
        "model": "pixel xl",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "google",
        "version": "0"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "google",
        "version": "2016-11-05"
      },
      {
        "model": "android",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "google",
        "version": "7.1.0"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11134"
      },
      {
        "db": "BID",
        "id": "94142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006006"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6739"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-246"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "7.1.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-6739"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Jianqiang Zhao (@jianqiangzhao) ,pjf of IceSword Lab, Qihoo 360 Technology Co. Ltd and Gengjia Chen (@chengjia4574)",
    "sources": [
      {
        "db": "BID",
        "id": "94142"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-246"
      }
    ],
    "trust": 0.9
  },
  "cve": "CVE-2016-6739",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": true,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.3,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2016-6739",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "CNVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CNVD-2016-11134",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.6,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 1.8,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 7.8,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2016-6739",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "Required",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-6739",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNVD",
            "id": "CNVD-2016-11134",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201611-246",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULMON",
            "id": "CVE-2016-6739",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11134"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-6739"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006006"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6739"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-246"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "An elevation of privilege vulnerability in the Qualcomm camera driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30074605. References: Qualcomm QC-CR#1049826. GoogleNexus is a series of smart devices based on the Android operating system, including mobile phones and tablets. The smart device is powered by Google and licensed to partner hardware vendors for manufacturing. QualcommCameraDriver is one of the high-performance camera drivers. Google Nexus is prone to multiple privilege-escalation vulnerabilities. \nThese issues are being tracked by Android Bug IDs A-30074605, A-30143904 and A-30559423",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-6739"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006006"
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-11134"
      },
      {
        "db": "BID",
        "id": "94142"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-6739"
      }
    ],
    "trust": 2.52
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-6739",
        "trust": 3.4
      },
      {
        "db": "BID",
        "id": "94142",
        "trust": 2.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006006",
        "trust": 0.8
      },
      {
        "db": "CNVD",
        "id": "CNVD-2016-11134",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-246",
        "trust": 0.6
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-6739",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11134"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-6739"
      },
      {
        "db": "BID",
        "id": "94142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006006"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6739"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-246"
      }
    ]
  },
  "id": "VAR-201611-0132",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11134"
      }
    ],
    "trust": 0.06
  },
  "iot_taxonomy": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "category": [
          "Network device"
        ],
        "sub_category": null,
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11134"
      }
    ]
  },
  "last_update_date": "2023-12-18T13:03:12.800000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "Android Security Bulletin-November 2016",
        "trust": 0.8,
        "url": "https://source.android.com/security/bulletin/2016-11-01.html"
      },
      {
        "title": "Patch for GoogleNexusQualcommCameraDriver privilege escalation vulnerability",
        "trust": 0.6,
        "url": "https://www.cnvd.org.cn/patchinfo/show/83979"
      },
      {
        "title": "Google Android Qualcomm Camera Driver privilege vulnerability fixes",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=65615"
      },
      {
        "title": "Android Security Bulletins: Android Security Bulletin\u2014November 2016",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=29d79db4a6421689e55b5a9ce5d2aa60"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11134"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-6739"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006006"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-246"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-264",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006006"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6739"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.4,
        "url": "http://www.securityfocus.com/bid/94142"
      },
      {
        "trust": 2.1,
        "url": "https://source.android.com/security/bulletin/2016-11-01.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6739"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6739"
      },
      {
        "trust": 0.3,
        "url": "http://code.google.com/android/"
      },
      {
        "trust": 0.3,
        "url": "https://developers.google.com/android/nexus/images"
      },
      {
        "trust": 0.3,
        "url": "https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=d291eebd8e43bba3229ae7ef9146a132894dc293"
      },
      {
        "trust": 0.3,
        "url": "https://source.codeaurora.org/quic/la//kernel/msm-3.10/commit/?id=ef78bd62f0c064ae4c827e158d828b2c110ebcdc"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/264.html"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11134"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-6739"
      },
      {
        "db": "BID",
        "id": "94142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006006"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6739"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-246"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "CNVD",
        "id": "CNVD-2016-11134"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-6739"
      },
      {
        "db": "BID",
        "id": "94142"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006006"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-6739"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-246"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-11-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-11134"
      },
      {
        "date": "2016-11-25T00:00:00",
        "db": "VULMON",
        "id": "CVE-2016-6739"
      },
      {
        "date": "2016-11-08T00:00:00",
        "db": "BID",
        "id": "94142"
      },
      {
        "date": "2016-11-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-006006"
      },
      {
        "date": "2016-11-25T16:59:42.147000",
        "db": "NVD",
        "id": "CVE-2016-6739"
      },
      {
        "date": "2016-11-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201611-246"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-11-16T00:00:00",
        "db": "CNVD",
        "id": "CNVD-2016-11134"
      },
      {
        "date": "2016-11-28T00:00:00",
        "db": "VULMON",
        "id": "CVE-2016-6739"
      },
      {
        "date": "2016-11-24T01:08:00",
        "db": "BID",
        "id": "94142"
      },
      {
        "date": "2016-11-29T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-006006"
      },
      {
        "date": "2016-11-28T20:34:58.293000",
        "db": "NVD",
        "id": "CVE-2016-6739"
      },
      {
        "date": "2016-11-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201611-246"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-246"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Android of  Qualcomm Elevation of privilege vulnerability in camera drivers",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-006006"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "permissions and access control",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201611-246"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.