Denial of Service and Buffer Over-read Vulnerability in MSM QDSP6 Audio Driver

Denial of Service and Buffer Over-read Vulnerability in MSM QDSP6 Audio Driver

CVE-2016-2064 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted application that makes an ioctl call specifying many commands.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.