CVE-2016-6707
published 2016-11-25CVE-2016-6707: An elevation of privilege vulnerability in System Server in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a local malicious application…
PriorityP347high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EXPLOIT
EPSS
4.15%
89.6th percentile
An elevation of privilege vulnerability in System Server in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Android ID: A-31350622.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — | |
| android | 6.0 – 6.0.1 | — | |
| google_inc | android | — | — |
| google_inc | android | — | — |
| google_inc | android | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
osv7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jcfm-9hmq-23cj: An elevation of privilege vulnerability in System Server in Android 6
ghsa_unreviewed·2022-05-14
CVE-2016-6707 [HIGH] GHSA-jcfm-9hmq-23cj: An elevation of privilege vulnerability in System Server in Android 6
An elevation of privilege vulnerability in System Server in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Android ID: A-31350622.
Project0
BitUnmap: Attacking Android Ashmem - Project Zero
project_zero·2016-12-01
CVE-2016-6707 BitUnmap: Attacking Android Ashmem - Project Zero
Posted by Gal Beniamini, Project Zero
The law of leaky abstractions states that “all non-trivial abstractions, to some degree, are leaky”. In this blog post we’ll explore the ashmem shared memory interface provided by Android and see how false assumptions about its internal operation can result in security vulnerabilities affecting core system code.
We’ll walk through the process of discovering and exploiting a vulnerability resulting from this leaky abstraction, which will allow us to elevate our privileges from any Android application to a multitude of privileged contexts, including the highly-privileged “system_server”. This vulnerability has been present in the core Android platform code for the Marshmallow and Nougat versions. It has now been fixed in the recent Android bulletin.
OSV
CVE-2016-6707: An elevation of privilege vulnerability in System Server in Android 6
osv·2016-11-25·CVSS 7.8
CVE-2016-6707 [HIGH] CVE-2016-6707: An elevation of privilege vulnerability in System Server in Android 6
An elevation of privilege vulnerability in System Server in Android 6.x before 2016-11-01 and 7.0 before 2016-11-01 could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Android ID: A-31350622.
Android
CVE-2016-6707: Android Security Bulletin 2016-11-01
CVE: CVE-2016-6707
Severity: HIGH
Affected AOSP versions: 6
vendor_android·2016-11-01·CVSS 7.8
CVE-2016-6707 [HIGH] CVE-2016-6707: Android Security Bulletin 2016-11-01
CVE: CVE-2016-6707
Severity: HIGH
Affected AOSP versions: 6
Android Security Bulletin 2016-11-01
CVE: CVE-2016-6707
Severity: HIGH
Affected AOSP versions: 6.0, 6.0.1, 7.0
References: A-31350622
No detection rules found.
No writeups or analysis indexed.
http://www.securityfocus.com/bid/94164https://bugs.chromium.org/p/project-zero/issues/detail?id=928https://googleprojectzero.blogspot.com/2016/12/bitunmap-attacking-android-ashmem.htmlhttps://source.android.com/security/bulletin/2016-11-01.htmlhttps://www.exploit-db.com/exploits/40874/http://www.securityfocus.com/bid/94164https://bugs.chromium.org/p/project-zero/issues/detail?id=928https://googleprojectzero.blogspot.com/2016/12/bitunmap-attacking-android-ashmem.htmlhttps://source.android.com/security/bulletin/2016-11-01.htmlhttps://www.exploit-db.com/exploits/40874/
2016-11-25
Published