CVE-2016-8405 — Sensitive Information Exposure in INC Android
Severity
4.7MEDIUMNVD
OSV5.5
EPSS
0.3%
top 43.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 12
Latest updateMay 17
Description
An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31651010.
CVSS vector
CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.0 | Impact: 3.6
Affected Packages6 packages
🔴Vulnerability Details
5GHSA▶
GHSA-2xmh-6vrf-q89v: An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a l↗2022-05-17
OSV▶
CVE-2016-8405: An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a l↗2017-01-12
📋Vendor Advisories
6Android▶
CVE-2016-8405: Android Security Bulletin 2016-12-01
CVE: CVE-2016-8405
Severity: MEDIUM
References: A-31651010*↗2016-12-01
💬Community
1Bugzilla
▶