UBUNTU-CVE-2016-2067
- Source
- https://ubuntu.com/security/CVE-2016-2067
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2016/UBUNTU-CVE-2016-2067.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2016-2067
- Related
- Withdrawn
- 2025-06-23T15:52:45Z
- Published
- 2016-07-11T01:59:00Z
- Modified
- 2026-02-04T04:08:47.704635Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
drivers/gpu/msm/kgsl.c in the MSM graphics driver (aka GPU driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, mishandles the KGSLMEMFLAGSGPUREADONLY flag, which allows attackers to gain privileges by leveraging accidental read-write mappings, aka Qualcomm internal bug CR988993.
- References
-
- https://ubuntu.com/security/CVE-2016-2067
- https://www.codeaurora.org/privilege-escalation-vulnerability-graphics-driver-cve-2016-2067
- https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=410cfa95f0a1cf58819cbfbd896f9aa45b004ac0
- http://source.android.com/security/bulletin/2016-07-01.html
- https://www.cve.org/CVERecord?id=CVE-2016-2067
Affected packages
Ubuntu:Pro:16.04:LTS / linux-flo
Package
- Name
- linux-flo
- Purl
- pkg:deb/ubuntu/linux-flo@3.4.0-5.23?arch=source&distro=esm-apps/xenial
Ubuntu:Pro:16.04:LTS / linux-goldfish
Package
- Name
- linux-goldfish
- Purl
- pkg:deb/ubuntu/linux-goldfish@3.4.0-4.27?arch=source&distro=esm-apps/xenial