CVE-2016-8399 — Improper Access Control in Kernel
Severity
7.0HIGHNVD
OSV5.5
EPSS
0.2%
top 52.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 12
Latest updateMay 14
Description
An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935.
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9
Affected Packages6 packages
🔴Vulnerability Details
5GHSA▶
GHSA-jjrq-xfh3-2fg8: An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within↗2022-05-14
OSV▶
CVE-2016-8399: An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within↗2017-01-12