Integer overflows in MDSS driver for Linux kernel 3.x: Denial of Service and Possible Impact

Integer overflows in MDSS driver for Linux kernel 3.x: Denial of Service and Possible Impact

CVE-2016-5344 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Multiple integer overflows in the MDSS driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service or possibly have unspecified other impact via a large size value, related to mdss_compat_utils.c, mdss_fb.c, and mdss_rotator.c.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.