4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
0.002 Low
EPSS
Percentile
53.0%
The high level operating systems (HLOS) was not providing sufficient memory
address information to ensure that secure applications inside Qualcomm
Secure Execution Environment (QSEE) only write to legitimate memory ranges
related to the QSEE secure applicationโs HLOS client. When secure
applications inside Qualcomm Secure Execution Environment (QSEE) receive
memory addresses from a high level operating system (HLOS) such as Linux
Android, those address have previously been verified as belonging to HLOS
memory space rather than QSEE memory space, but they were not verified to
be from HLOS user space rather than kernel space. This lack of verification
could lead to privilege escalation within the HLOS.
Author | Note |
---|---|
jdstrand | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support |
tyhicks | Affected code is specific to the Qualcomm qseecom driver |
launchpad.net/bugs/cve/CVE-2016-5349
nvd.nist.gov/vuln/detail/CVE-2016-5349
security-tracker.debian.org/tracker/CVE-2016-5349
www.codeaurora.org/insufficient-memory-address-information-prevent-arbitrary-memory-access-qsee-secure-applications-cve
www.cve.org/CVERecord?id=CVE-2016-5349
www.qualcomm.com/company/product-security/security-advisories
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
5.5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
0.002 Low
EPSS
Percentile
53.0%