Candidate: CVE-2016-3850
PublicDate: 2016-08-05 20:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3850
 http://source.android.com/security/bulletin/2016-08-01.html
 https://source.codeaurora.org/quic/la/kernel/lk/commit/?id=030371d45a9dcda4d0cc3c76647e753a1cc1b782
Description:
 Integer overflow in app/aboot/aboot.c in the Qualcomm bootloader in Android
 before 2016-08-05 on Nexus 5, 5X, 6P, and 7 (2013) devices allows attackers
 to gain privileges via a crafted header field in a boot image, aka Android
 internal bug 27917291 and Qualcomm internal bug CR945164.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H [7.3 HIGH]

Patches_android:
upstream_android: needs-triage
precise_android: DNE
precise/esm_android: DNE
trusty_android: ignored (abandoned)
trusty/esm_android: DNE (trusty was ignored [abandoned])
vivid/stable-phone-overlay_android: ignored (reached end-of-life)
vivid/ubuntu-core_android: DNE
xenial_android: ignored (abandoned)
yakkety_android: ignored (reached end-of-life)
zesty_android: ignored (reached end-of-life)
artful_android: DNE
bionic_android: DNE
devel_android: DNE