Google Pixel/Pixel XL Qualcomm Avtimer Driver CVE-2016-5346 Information Disclosure Vulnerability

Google Pixel/Pixel XL are prone to an information-disclosure vulnerability.

An attacker can exploit this issue to obtain potentially sensitive information. Information obtained may aid in further attacks.

This issue is being tracked by Android Bug ID A-32551280.

Information

Bugtraq ID: 97371
Class: Configuration Error
CVE: CVE-2016-5346

Remote: Yes
Local: No
Published: Apr 03 2017 12:00AM
Credit: Jianqiang Zhao and pjf of IceSword Lab, Qihoo 360.
Vulnerable: Google Pixel XL 0
Google Pixel 0
Google Android 0

Not Vulnerable:

References:

• Android Homepage (Google)
  
• Android Security Bulletinâ??April 2017 (Android )
  
• drivers: soc: qcom: Add error handling in function avtimer_ioctl (CodeAurora)
  

Source: www.securityfocus.com