CVE-2016-2068

7.8 HIGH
Published: July 11, 2016 Modified: May 06, 2026
View on NVD

Description

The MSM QDSP6 audio driver (aka sound driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (integer overflow, and buffer overflow or buffer over-read) via a crafted application that performs a (1) AUDIO_EFFECTS_WRITE or (2) AUDIO_EFFECTS_READ operation, aka Qualcomm internal bug CR1006609.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://source.android.com/security/bulletin/2016-07-01.html
Source: cve@mitre.org
Patch Vendor Advisory
https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=01ee86da5a0cd788f134e360e2be517ef52b6b00
Source: cve@mitre.org
Mailing List Patch Third Party Advisory
https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=9900650540c889f761d102202bc80306ae80ab83
Source: cve@mitre.org
Mailing List Patch Third Party Advisory
https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=2c04c0dab66013b7dfbe4d5a523c2c1d6b5b11d6
Source: cve@mitre.org
Mailing List Patch Third Party Advisory
https://www.codeaurora.org/multiple-vulnerabilities-msm-qdsp6-audio-driver-allow-kernel-memory-corruption-cve-2016-2068-0
Source: cve@mitre.org
Broken Link
http://source.android.com/security/bulletin/2016-07-01.html
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=01ee86da5a0cd788f134e360e2be517ef52b6b00
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Patch Third Party Advisory
https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=9900650540c889f761d102202bc80306ae80ab83
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Patch Third Party Advisory
https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=2c04c0dab66013b7dfbe4d5a523c2c1d6b5b11d6
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing List Patch Third Party Advisory
https://www.codeaurora.org/multiple-vulnerabilities-msm-qdsp6-audio-driver-allow-kernel-memory-corruption-cve-2016-2068-0
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link

10 reference(s) from NVD

Quick Stats

CVSS v3 Score
7.8 / 10.0
EPSS (Exploit Probability)
0.1%
32th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-190

Affected Vendors

google linux

Related CVEs

CVE-2026-8224 5.3
CVE-2026-8223 5.3
CVE-2026-8222 5.3
CVE-2026-8221 2.4
CVE-2026-8220 2.4