cbcvebase.
CVE-2016-0807
published 2016-02-07

CVE-2016-0807: The get_build_id function in elf_utils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that…

PriorityP336high8.4CVSS 3.0
AVLACLPRNUINSUCHIHAH
EPSS
0.21%
11.9th percentile
The get_build_id function in elf_utils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394.

Affected

4 ranges
VendorProductVersion rangeFixed in
debianandroid-platform-system-core< android-platform-system-core 1:7.0.0+r1-1 (bullseye)android-platform-system-core 1:7.0.0+r1-1 (bullseye)
googleandroid
googleandroid
googleandroid

CVSS provenance

nvdv3.08.4HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv8.4HIGH
vendor_debian8.4LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.