CVE-2016-5867

Published: Aug 16, 2017Modified: May 13, 2026

7.0

Vector

CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.0 / Impact: 5.9

Source: NVD

Description

In a sound driver in Android for MSM, Firefox OS for MSM, QRD Android, some variables are from userspace and values can be chosen that could result in stack overflow.

Affected (1)

Products: Google: Android

Google

1 product

Android

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Android	All versions

Related CWEs

CWE-264

References (6)

http://www.securityfocus.com/bid/98170

Source: product-security@qualcomm.com

Third Party AdvisoryVDB Entry

https://source.android.com/security/bulletin/2017-05-01

Source: product-security@qualcomm.com

PatchVendor Advisory

https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=065360da7147003aed8f59782b7652d565f56be5

Source: product-security@qualcomm.com

Issue TrackingPatchThird Party Advisory

http://www.securityfocus.com/bid/98170

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://source.android.com/security/bulletin/2017-05-01

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=065360da7147003aed8f59782b7652d565f56be5

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

Timeline

No history available yet.