CVE-2016-8399

CVSS v3.1 7 (High)

CVSS v2.0 7.6 (High)

EPSS 0.25 % (66^th)

Affected Products 1

Advisories 22

An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935.

Weaknesses

CWE-284: Improper Access Control

CVE Status: PUBLISHED
CNA: Android (associated with Google Inc. or Open Handset Alliance)
Published Date: 2017-01-12 15:59:01
(7 years ago)
Updated Date: 2024-04-02 18:02:05
(5 months ago)

Affected Products

Linux

Linux Kernel

Configuration #1

	CPE23	From	Up To
Linux Kernel from 3.19 version and prior 4.1.37 version	cpe:2.3:o:linux:linux_kernel	>= 3.19	< 4.1.37
Linux Kernel from 4.2 version and prior 4.4.38 version	cpe:2.3:o:linux:linux_kernel	>= 4.2	< 4.4.38
Linux Kernel from 4.5 version and prior 4.8.14 version	cpe:2.3:o:linux:linux_kernel	>= 4.5	< 4.8.14