Buffer overflow vulnerability in QDSP6v2 Voice Service driver in Linux kernel 3.x

Buffer overflow vulnerability in QDSP6v2 Voice Service driver in Linux kernel 3.x

CVE-2016-5343 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write request, as demonstrated by a voice_svc_send_req buffer overflow.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.