Uninitialized Data Structures Vulnerability in Qualcomm QDSP6v2 Driver on Android Devices

Uninitialized Data Structures Vulnerability in Qualcomm QDSP6v2 Driver on Android Devices

CVE-2016-6682 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 30152501 and Qualcomm internal bug CR 1049615.

Learn more about our Cis Benchmark Audit For Google Android.