CVE-2016-3857

Advisory lineage Upstream: 0 Downstream: 3

Downstream

DEBIAN-CVE-2016-3857 DLA-609-1 UBUNTU-CVE-2016-3857

Modified

Published: 05 Aug 2016, 20:00

Last modified:06 Aug 2024, 00:10

Vulnerability Summary

Overall Risk (default)

high

70/100

CVSS Score

9.3 HIGH

v2.0 (nvd)

EPSS Score

0.13% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

05 Aug 2016, 20:00

Published

Vulnerability first disclosed

06 Aug 2024, 00:10

Last Modified

Vulnerability information updated

Description

The kernel in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 28522518.

CVSS Metrics

v3.0•HIGH•Score: 7.8CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
v2.0•HIGH•Score: 9.3AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS Trends

Current EPSS score: 0.13%• Percentile: 32%

Techniques & Countermeasures

CWE-264•Permissions, Privileges, and Access Controls
Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Affected Systems

google•android
≤ 6.0.1

References (1)

http://source.android.com/security/bulletin/2016-08-01.html