CVE-2016-3935

HIGH Year: 2016
CVSS v3 Score
7.8
High
CVSS v2 Score
9.3
Critical
Weakness Type
CWE-190
View all →

Vulnerability Description

Multiple integer overflows in drivers/crypto/msm/qcedev.c in the Qualcomm cryptographic engine driver in Android before 2016-10-05 on Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allow attackers to gain privileges via a crafted application, aka Android internal bug 29999665 and Qualcomm internal bug CR 1046507.

Related Vulnerabilities

CVE-2002-2439

HIGH
CVSS:7.8(High)

Integer overflow in the new[] operator in gcc before 4.8.0 allows attackers to have unspecified impacts.

CWE-1902002

CVE-2004-2013

HIGH
CVSS:7.8(High)

Integer overflow in the SCTP_SOCKOPT_DEBUG_NAME SCTP socket option in socket.c in the Linux kernel 2.4.25 and earlier allows local users to execute arbitrary code via an optlen value of -1, which caus...

CWE-1902004

CVE-2011-1823

HIGH
CVSS:7.8(High)

The vold volume manager daemon on Android 3.0 and 2.x before 2.3.4 trusts messages that are received from a PF_NETLINK socket, which allows local users to execute arbitrary code and gain root privileg...

CWE-1902011

CVE-2012-0044

HIGH
CVSS:7.8(High)

Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain privil...

CWE-1902012

CVE-2012-1185

HIGH
CVSS:7.8(High)

Multiple integer overflows in (1) magick/profile.c or (2) magick/property.c in ImageMagick 6.7.5 and earlier allow remote attackers to cause a denial of service (memory corruption) and possibly execut...

CWE-1902012

CVE-2012-5340

HIGH
CVSS:7.8(High)

SumatraPDF 2.1.1/MuPDF 1.0 allows remote attackers to cause an Integer Overflow in the lex_number() function via a corrupt PDF file.

CWE-1902012