Elevation of Privilege Vulnerability in the Performance Component (CVE-2016-0819)
Release Date:
May 13, 2016
Affected Projects:
Advisory ID:
QCIR-2016-00008-1
CVE ID(s):
Summary:
CVE-2016-0819 A double-free in the performance component may result in elevation of privilege and execution of arbitrary code in the kernel. When a perf event is opened with the constraint_duplicate bit set, disabled, and then fd is closed, perf_release() causes the kernel to clean up the event as if it still were enabled, leading to the event being removed from a list twice.
Access Vector: Local
Security Risk: High
Access Vector: Local
Affected Versions:
Patch:
We advise customers to apply the following patches:
Note: This issue has been published in the Nexus Security Bulletin – April 2016 (https://source.android.com/security/bulletin/2016-04-02.html)
Acknowledgement:
This issue was reported to Google by a security researcher. Qualcomm Innovation Center, Inc. (QuIC) thanks Google for bringing this issue to QuIC's attention.
Revisions:
Initial revision