CVE-2016-5863

Summary

In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, several sanity checks are missing which can lead to out-of-bounds accesses.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.All Qualcomm productsAndroid for MSM, Firefox OS for MSM, QRD Androidaffected

Weaknesses

  • Improper Validation of Array Index in USB

ADP Enrichment

CVE Program Container

Additional References

References