Out-of-bounds write and memory corruption vulnerability in MSM QDSP6 audio driver

Out-of-bounds write and memory corruption vulnerability in MSM QDSP6 audio driver

CVE-2016-2065 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (out-of-bounds write and memory corruption) or possibly have unspecified other impact via a crafted application that makes an ioctl call triggering incorrect use of a parameters pointer.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.