CVE-2016-5696
- EPSS 15.07%
- Veröffentlicht 06.08.2016 20:59:05
- Zuletzt bearbeitet 06.05.2026 22:30:45
net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.
CVE-2016-3841
- EPSS 0.3%
- Veröffentlicht 06.08.2016 20:59:01
- Zuletzt bearbeitet 06.05.2026 22:30:45
The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call.
CVE-2016-3856
- EPSS 0.47%
- Veröffentlicht 06.08.2016 10:59:57
- Zuletzt bearbeitet 06.05.2026 22:30:45
netd in Android before 2016-08-05 mishandles tethering and stdio streams, which allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted application, aka Qualcomm internal bug CR959631.
CVE-2016-3855
- EPSS 0.39%
- Veröffentlicht 06.08.2016 10:59:56
- Zuletzt bearbeitet 06.05.2026 22:30:45
drivers/thermal/supply_lm_core.c in the Qualcomm components in Android before 2016-08-05 does not validate a certain count parameter, which allows attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other ...
CVE-2016-3854
- EPSS 0.39%
- Veröffentlicht 06.08.2016 10:59:55
- Zuletzt bearbeitet 06.05.2026 22:30:45
drivers/media/video/msm/msm_mctl_buf.c in the Qualcomm components in Android before 2016-08-05 does not validate the image mode, which allows attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impac...
CVE-2015-8944
- EPSS 0.59%
- Veröffentlicht 06.08.2016 10:59:54
- Zuletzt bearbeitet 06.05.2026 22:30:45
The ioresources_init function in kernel/resource.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices, uses weak permissions for /proc/iomem, which allows local users to obtain sensitive information ...
CVE-2015-8943
- EPSS 0.45%
- Veröffentlicht 06.08.2016 10:59:53
- Zuletzt bearbeitet 06.05.2026 22:30:45
drivers/video/msm/mdss/mdss_mdp_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not verify that a mapping exists before proceeding with an unmap operation, which allows attackers to gain privileges via a crafted...
CVE-2015-8942
- EPSS 0.53%
- Veröffentlicht 06.08.2016 10:59:52
- Zuletzt bearbeitet 06.05.2026 22:30:45
drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices does not validate the stream state, which allows attackers to gain privileges via a crafted application, aka Android i...
CVE-2015-8941
- EPSS 0.53%
- Veröffentlicht 06.08.2016 10:59:50
- Zuletzt bearbeitet 06.05.2026 22:30:45
drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 and 7 (2013) devices does not properly validate array indexes, which allows attackers to gain privileges via a crafted appl...
CVE-2015-8940
- EPSS 0.54%
- Veröffentlicht 06.08.2016 10:59:49
- Zuletzt bearbeitet 06.05.2026 22:30:45
Integer overflow in sound/soc/msm/qdsp6v2/q6lsm.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28813987 and Qualcomm internal bug CR...