Published: 10/10/2016 Updated: 28/11/2016
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

The MediaTek video driver in Android prior to 2016-10-05 allows malicious users to gain privileges via a crafted application, aka Android internal bug 30019362 and MediaTek internal bug ALPS02829384.

Affected Products

Vendor Product Versions

Vendor Advisories

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices Alongside the bulletin, we have released a security update to Nexus devices through an over-the-air (OTA) update The Nexus firmware images have also been released to the Google Developer site Security Patch Levels of October 05, 2016 or later add ...

Github Repositories

This repository houses a series of Proofs of Concept C programs that trigger vulnerabilities that I have found in Android If you found these useful and you want to say thanks I like swag Tshirts/Beer steins/coffe cups etc Email me for more info For the most up-to-date list of my bugs see plzdonthackme For the bugs listed with _mtkc I didn't bother even trying