CVE-2016-3893
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The wcdcal_hwdep_ioctl_shared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound codec in Android before 2016-09-05 on Nexus 6P devices does not properly copy firmware data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29512527 and Qualcomm internal bug CR856400.
La función wcdcal_hwdep_ioctl_shared en sound/soc/codecs/wcdcal-hwdep.c en el códec de sonido Qualcomm en Android en versiones anteriores a 2016-09-05 en dispositivos Nexus 6P no copia adecuadamente datos de firmware, lo que permite a atacantes obtener información sensible a través de una aplicación manipulada, vulnerabilidad también conocida como error interno de Android 29512527 y error interno de Qualcomm CR856400.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-03-30 CVE Reserved
- 2016-09-11 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/92884 | Vdb Entry | |
| http://www.securitytracker.com/id/1036763 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=a7a6ddc91cce7ad5ad55c9709b24bfc80f5ac873 | 2017-08-13 |
| URL | Date | SRC |
|---|---|---|
| http://source.android.com/security/bulletin/2016-09-01.html | 2017-08-13 |