ID

VAR-201611-0131


CVE

CVE-2016-6738


TITLE

Android of Qualcomm Elevation of privilege vulnerability in encryption engine driver

Trust: 0.8

sources: JVNDB: JVNDB-2016-006005

DESCRIPTION

An elevation of privilege vulnerability in the Qualcomm crypto engine driver in Android before 2016-11-05 could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Android ID: A-30034511. References: Qualcomm QC-CR#1050538. GoogleNexus5X and so on are all smart devices from Google. Qualcommcryptoengine is one of the Qualcomm encryption engine drivers. Google Nexus is prone to a privilege-escalation vulnerability

Trust: 2.52

sources: NVD: CVE-2016-6738 // JVNDB: JVNDB-2016-006005 // CNVD: CNVD-2016-11147 // BID: 94208 // VULMON: CVE-2016-6738

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2016-11147

AFFECTED PRODUCTS

vendor:googlemodel:androidscope:eqversion:7.0

Trust: 1.6

vendor:googlemodel:androidscope:lteversion:7.1.0

Trust: 1.0

vendor:googlemodel:androidscope:eqversion:2016-11-05

Trust: 0.8

vendor:googlemodel:android one devicesscope: - version: -

Trust: 0.6

vendor:googlemodel:android(on nexusscope:eqversion:5x)

Trust: 0.6

vendor:googlemodel:androidscope: - version: -

Trust: 0.6

vendor:googlemodel:pixelscope: - version: -

Trust: 0.6

vendor:googlemodel:pixel xlscope: - version: -

Trust: 0.6

vendor:googlemodel:android(on nexusscope:eqversion:6)

Trust: 0.6

vendor:googlemodel:androidscope:eqversion:7.1.0

Trust: 0.6

vendor:googlemodel:pixel xlscope:eqversion:0

Trust: 0.3

vendor:googlemodel:pixelscope:eqversion:0

Trust: 0.3

vendor:googlemodel:nexus 6pscope: - version: -

Trust: 0.3

vendor:googlemodel:nexusscope:eqversion:6

Trust: 0.3

vendor:googlemodel:nexusscope:eqversion:5x

Trust: 0.3

vendor:googlemodel:android onescope:eqversion:0

Trust: 0.3

vendor:googlemodel:androidscope:eqversion:0

Trust: 0.3

sources: CNVD: CNVD-2016-11147 // BID: 94208 // JVNDB: JVNDB-2016-006005 // CNNVD: CNNVD-201611-283 // NVD: CVE-2016-6738

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-6738
value: HIGH

Trust: 1.0

NVD: CVE-2016-6738
value: HIGH

Trust: 0.8

CNVD: CNVD-2016-11147
value: HIGH

Trust: 0.6

CNNVD: CNNVD-201611-283
value: CRITICAL

Trust: 0.6

VULMON: CVE-2016-6738
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2016-6738
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

CNVD: CNVD-2016-11147
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2016-6738
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.0

Trust: 1.8

sources: CNVD: CNVD-2016-11147 // VULMON: CVE-2016-6738 // JVNDB: JVNDB-2016-006005 // CNNVD: CNNVD-201611-283 // NVD: CVE-2016-6738

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.8

sources: JVNDB: JVNDB-2016-006005 // NVD: CVE-2016-6738

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201611-283

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201611-283

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-006005

PATCH

title:Android Security Bulletin-November 2016url:https://source.android.com/security/bulletin/2016-11-01.html

Trust: 0.8

title:Patch for GoogleNexusQualcommCryptoEngineDriver Privilege Escalation Vulnerabilityurl:https://www.cnvd.org.cn/patchInfo/show/83977

Trust: 0.6

title:Multiple Google product Qualcomm crypto engine Driver privilege vulnerability fixesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=65652

Trust: 0.6

title:Android Security Bulletins: Android Security Bulletin—November 2016url:https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins&qid=29d79db4a6421689e55b5a9ce5d2aa60

Trust: 0.1

sources: CNVD: CNVD-2016-11147 // VULMON: CVE-2016-6738 // JVNDB: JVNDB-2016-006005 // CNNVD: CNNVD-201611-283

EXTERNAL IDS

db:NVDid:CVE-2016-6738

Trust: 3.4

db:BIDid:94208

Trust: 2.6

db:JVNDBid:JVNDB-2016-006005

Trust: 0.8

db:CNVDid:CNVD-2016-11147

Trust: 0.6

db:CNNVDid:CNNVD-201611-283

Trust: 0.6

db:VULMONid:CVE-2016-6738

Trust: 0.1

sources: CNVD: CNVD-2016-11147 // VULMON: CVE-2016-6738 // BID: 94208 // JVNDB: JVNDB-2016-006005 // CNNVD: CNNVD-201611-283 // NVD: CVE-2016-6738

REFERENCES

url:http://www.securityfocus.com/bid/94208

Trust: 2.4

url:https://source.android.com/security/bulletin/2016-11-01.html

Trust: 2.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6738

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-6738

Trust: 0.8

url:http://code.google.com/android/

Trust: 0.3

url:https://cwe.mitre.org/data/definitions/264.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

sources: CNVD: CNVD-2016-11147 // VULMON: CVE-2016-6738 // BID: 94208 // JVNDB: JVNDB-2016-006005 // CNNVD: CNNVD-201611-283 // NVD: CVE-2016-6738

CREDITS

Gengjia Chen (@chengjia4574) and pjf of IceSword Lab, Qihoo 360 Technology Co. Ltd

Trust: 0.9

sources: BID: 94208 // CNNVD: CNNVD-201611-283

SOURCES

db:CNVDid:CNVD-2016-11147
db:VULMONid:CVE-2016-6738
db:BIDid:94208
db:JVNDBid:JVNDB-2016-006005
db:CNNVDid:CNNVD-201611-283
db:NVDid:CVE-2016-6738

LAST UPDATE DATE

2024-08-14T15:34:48.381000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2016-11147date:2016-11-16T00:00:00
db:VULMONid:CVE-2016-6738date:2016-11-28T00:00:00
db:BIDid:94208date:2016-11-24T01:09:00
db:JVNDBid:JVNDB-2016-006005date:2016-11-29T00:00:00
db:CNNVDid:CNNVD-201611-283date:2016-11-29T00:00:00
db:NVDid:CVE-2016-6738date:2016-11-28T20:34:57.263

SOURCES RELEASE DATE

db:CNVDid:CNVD-2016-11147date:2016-11-16T00:00:00
db:VULMONid:CVE-2016-6738date:2016-11-25T00:00:00
db:BIDid:94208date:2016-11-08T00:00:00
db:JVNDBid:JVNDB-2016-006005date:2016-11-29T00:00:00
db:CNNVDid:CNNVD-201611-283date:2016-11-15T00:00:00
db:NVDid:CVE-2016-6738date:2016-11-25T16:59:41.053