Details of VAR-201608-0373

ID

VAR-201608-0373

CVE

CVE-2014-9867

TITLE

Nexus 5 and 7 (2013) Run on device Android of Qualcomm Vulnerability gained privileges in components

Trust: 0.8

sources: JVNDB: JVNDB-2016-004211

DESCRIPTION

drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate the number of streams, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28749629 and Qualcomm internal bug CR514702. AndroidonNexus is a high-end mobile phone series powered by Google's original Android system. Androidbefore2016-08-05onNexus5 and 7devices have privilege escalation vulnerabilities that allow an attacker to gain access to a well-crafted application. Google Nexus is prone to multiple privilege escalation vulnerabilities. Attackers can exploit these issues to execute arbitrary code with elevated privileges within the context of the kernel. These issues are being tracked by Android Bug IDs A-28768146, A-28747998, A-28748271, A-28747684, A-28749629, A-28749721, A-28749728, A-28749743, A-28749803, A-28750155, A-28750726, A-28751152, A-28767589, A-28767796, A-28768281, A-28769208, A-28769221, A-28769352, A-28769368, A-28769546, A-28769912, A-28769920, A-28769959, A-28815575, A-28804057, A-28803642, A-28803645, A-28803962, A-28804030, A-28398884, A-28813987, A-28814502, A-28814652, A-28815158, A-28749283, and A-28770207

Trust: 2.52

sources: NVD: CVE-2014-9867 // JVNDB: JVNDB-2016-004211 // CNVD: CNVD-2016-06290 // BID: 92219 // VULMON: CVE-2014-9867

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2016-06290

AFFECTED PRODUCTS

vendor:	google	model:	android	scope:	lte	version:	6.0.1	Trust: 1.0
vendor:	google	model:	android	scope:	eq	version:	2016-08-05	Trust: 0.8
vendor:	google	model:	android	scope:	eq	version:	5<2016-08-05	Trust: 0.6
vendor:	google	model:	android	scope:	eq	version:	7(2013)<2016-08-05	Trust: 0.6
vendor:	google	model:	android	scope:	eq	version:	6.0.1	Trust: 0.6
vendor:	google	model:	nexus	scope:	eq	version:	7	Trust: 0.3
vendor:	google	model:	nexus 6p	scope:	-	version:	-	Trust: 0.3
vendor:	google	model:	nexus	scope:	eq	version:	6	Trust: 0.3
vendor:	google	model:	nexus	scope:	eq	version:	5x	Trust: 0.3
vendor:	google	model:	nexus	scope:	eq	version:	5	Trust: 0.3

sources: CNVD: CNVD-2016-06290 // BID: 92219 // JVNDB: JVNDB-2016-004211 // CNNVD: CNNVD-201608-110 // NVD: CVE-2014-9867

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2014-9867
value:	HIGH
Trust: 1.0
NVD:	CVE-2014-9867
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2016-06290
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201608-110
value:	CRITICAL
Trust: 0.6
VULMON:	CVE-2014-9867
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2014-9867
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.1
NVD:	CVE-2014-9867
severity:	MEDIUM
baseScore:	6.9
vectorString:	AV:L/AC:M/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2016-06290
severity:	HIGH
baseScore:	9.3
vectorString:	AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	8.6
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

nvd@nist.gov:	CVE-2014-9867
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2016-06290 // VULMON: CVE-2014-9867 // JVNDB: JVNDB-2016-004211 // CNNVD: CNNVD-201608-110 // NVD: CVE-2014-9867

PROBLEMTYPE DATA

problemtype:

CWE-264

Trust: 1.8

sources: JVNDB: JVNDB-2016-004211 // NVD: CVE-2014-9867

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201608-110

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-201608-110

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-004211

PATCH

title:	Android Security Bulletin-August 2016	url:	http://source.android.com/security/bulletin/2016-08-01.html	Trust: 0.8
title:	msm:camera: Fix multiple bounds check	url:	https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=322c518689a7f820165ca4c5d6b750b02ac34665	Trust: 0.8
title:	Patch for AndroidonNexusdevices Privilege Escalation Vulnerability (CNVD-2016-06290)	url:	https://www.cnvd.org.cn/patchInfo/show/80376	Trust: 0.6
title:	Android on Nexus Qualcomm Fixes for component security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=63503	Trust: 0.6
title:	Android Security Bulletins: Android Security Bulletin—August 2016	url:	https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins&qid=1c52474e34daae48915f8b4129072a86	Trust: 0.1

sources: CNVD: CNVD-2016-06290 // VULMON: CVE-2014-9867 // JVNDB: JVNDB-2016-004211 // CNNVD: CNNVD-201608-110

EXTERNAL IDS

db:	NVD	id:	CVE-2014-9867	Trust: 3.4
db:	BID	id:	92219	Trust: 1.4
db:	JVNDB	id:	JVNDB-2016-004211	Trust: 0.8
db:	CNVD	id:	CNVD-2016-06290	Trust: 0.6
db:	CNNVD	id:	CNNVD-201608-110	Trust: 0.6
db:	VULMON	id:	CVE-2014-9867	Trust: 0.1

sources: CNVD: CNVD-2016-06290 // VULMON: CVE-2014-9867 // BID: 92219 // JVNDB: JVNDB-2016-004211 // CNNVD: CNNVD-201608-110 // NVD: CVE-2014-9867

REFERENCES

url:	https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=322c518689a7f820165ca4c5d6b750b02ac34665	Trust: 2.3
url:	http://source.android.com/security/bulletin/2016-08-01.html	Trust: 2.1
url:	http://www.securityfocus.com/bid/92219	Trust: 1.2
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-9867	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-9867	Trust: 0.8
url:	http://code.google.com/android/	Trust: 0.3
url:	https://developers.google.com/android/nexus/images#mantaray	Trust: 0.3
url:	https://cwe.mitre.org/data/definitions/264.html	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: CNVD: CNVD-2016-06290 // VULMON: CVE-2014-9867 // BID: 92219 // JVNDB: JVNDB-2016-004211 // CNNVD: CNNVD-201608-110 // NVD: CVE-2014-9867

CREDITS

The vendor reported these issues.

Trust: 0.3

sources: BID: 92219

SOURCES

db:	CNVD	id:	CNVD-2016-06290
db:	VULMON	id:	CVE-2014-9867
db:	BID	id:	92219
db:	JVNDB	id:	JVNDB-2016-004211
db:	CNNVD	id:	CNNVD-201608-110
db:	NVD	id:	CVE-2014-9867

LAST UPDATE DATE

2025-04-13T23:02:45.543000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2016-06290	date:	2016-08-15T00:00:00
db:	VULMON	id:	CVE-2014-9867	date:	2016-11-28T00:00:00
db:	BID	id:	92219	date:	2016-08-01T00:00:00
db:	JVNDB	id:	JVNDB-2016-004211	date:	2016-08-10T00:00:00
db:	CNNVD	id:	CNNVD-201608-110	date:	2016-08-09T00:00:00
db:	NVD	id:	CVE-2014-9867	date:	2025-04-12T10:46:40.837

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2016-06290	date:	2016-08-12T00:00:00
db:	VULMON	id:	CVE-2014-9867	date:	2016-08-06T00:00:00
db:	BID	id:	92219	date:	2016-08-01T00:00:00
db:	JVNDB	id:	JVNDB-2016-004211	date:	2016-08-10T00:00:00
db:	CNNVD	id:	CNNVD-201608-110	date:	2016-08-09T00:00:00
db:	NVD	id:	CVE-2014-9867	date:	2016-08-06T10:59:06.523