Vulnerability: Integer Overflow and Buffer Overflow in Qualcomm Audio Driver

Vulnerability: Integer Overflow and Buffer Overflow in Qualcomm Audio Driver

CVE-2016-5864 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

In an audio driver function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, some parameters are from userspace, and if they are set to a large value, integer overflow is possible followed by buffer overflow. In another function, a missing check for a lower bound may result in an out of bounds memory access.

Learn more about our Cis Benchmark Audit For Google Android.