First published: Mon May 01 2017(Updated: )
An elevation of privilege vulnerability in the Qualcomm LED driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33863909. References: QC-CR#1109763.
Credit: security@android.com
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Kernel | =3.18 | |
Android |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2016-10288 is rated as High severity due to its potential to allow local applications to execute arbitrary code within the kernel context.
To mitigate CVE-2016-10288, users should ensure that their Android devices are updated to the latest available version provided by the manufacturer.
CVE-2016-10288 affects Android operating systems running the Linux kernel version 3.18.
CVE-2016-10288 is classified as an elevation of privilege vulnerability in the Qualcomm LED driver.
No, CVE-2016-10288 requires a local malicious application to exploit the vulnerability after compromising a privileged process.