NVD Vulnerability Detail

CVE-2016-5340

Summary	The is_ashmem_file function in drivers/staging/android/ashmem.c in a certain Qualcomm Innovation Center (QuIC) Android patch for the Linux kernel 3.x mishandles pointer validation within the KGSL Linux Graphics Module, which allows attackers to bypass intended access restrictions by using the /ashmem string as the dentry name.
Publication Date	Aug. 8, 2016, 6:59 a.m.
Registration Date	Jan. 26, 2021, 2:13 p.m.
Last Update	Nov. 21, 2024, 11:54 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:o:google:android::::::::			7.0

Configuration2		or higher	or less	more than	less than
cpe:2.3:o:linux:linux_kernel::::::::		3.0	3.19.8

Related information, measures and tools

No	URL	タグ
1	http://source.android.com/security/bulletin/2016-10-01.html	Third Party Advisory
2	http://source.android.com/security/bulletin/2016-10-01.html	Third Party Advisory
3	http://www.securityfocus.com/bid/92374	Third Party Advisory VDB Entry
4	http://www.securityfocus.com/bid/92374	Third Party Advisory VDB Entry
5	http://www.securitytracker.com/id/1036763	Third Party Advisory VDB Entry
6	http://www.securitytracker.com/id/1036763	Third Party Advisory VDB Entry
7	https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=06e51489061e5473b4e2035c79dcf7c27a6f75a6	Mailing List Patch Third Party Advisory
8	https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=06e51489061e5473b4e2035c79dcf7c27a6f75a6	Mailing List Patch Third Party Advisory
9	https://www.codeaurora.org/invalid-path-check-ashmem-memory-file-cve-2016-5340	Broken Link
10	https://www.codeaurora.org/invalid-path-check-ashmem-memory-file-cve-2016-5340	Broken Link

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-20	不適切な入力確認	https://cwe.mitre.org/data/definitions/20.html

JVN Vulnerability Information

Linux Kernel 用の特定の QuIC Android パッチの drivers/staging/android/ashmem.c におけるアクセス制限を回避される脆弱性

Title	Linux Kernel 用の特定の QuIC Android パッチの drivers/staging/android/ashmem.c におけるアクセス制限を回避される脆弱性
Summary	Linux Kernel 用の特定の Qualcomm Innovation Center (QuIC) Android パッチの drivers/staging/android/ashmem.c の is_ashmem_file 関数は、KGSL Linux Graphics Module のポインタ検証を誤って処理するため、アクセス制限を回避される脆弱性が存在します。
Possible impacts	攻撃者により、dentry 名として /ashmem 文字列を使用されることで、アクセス制限を回避される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	July 28, 2016, midnight
Registration Date	Aug. 15, 2016, 4:46 p.m.
Last Update	Nov. 17, 2016, 6:07 p.m.

Affected System

Google

Android

Linux

Linux Kernel 3.x

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2016-5340	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5340
National Vulnerability Database (NVD)
2	CVE-2016-5340	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5340

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-20	https://jvndb.jvn.jp/ja/cwe/CWE-20.html

ベンダー情報

No	Name	URL
Android Open Source Project
1	Android のセキュリティに関する公開情報 - 2016 年 10 月	http://source.android.com/security/bulletin/2016-10-01.html
Code Aurora Forum
2	ashmem: Validate ashmem memory with fops pointer	https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=06e51489061e5473b4e2035c79dcf7c27a6f75a6
3	Invalid Path Check on ashmem Memory File (CVE-2016-5340)	https://www.codeaurora.org/invalid-path-check-ashmem-memory-file-cve-2016-5340
Linux Kernel
4	Linux Kernel Archives	http://www.kernel.org

Change Log

No	Changed Details	Date of change
0	[2016年08月15日] 掲載 [2016年11月17日] 影響を受けるシステム：ベンダ情報の追加に伴い内容を更新ベンダ情報：Google (Android のセキュリティに関する公開情報 - 2016 年 10 月) を追加	Feb. 17, 2018, 10:37 a.m.