CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-3748

The sockets subsystem in Android 6.x before 2016-07-01 allows attackers to bypass intended system-call restrictions via a crafted application that makes an ioctl call, aka internal bug 28171804.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.1%

CVSS Severity

CVSS v3 Score 8.4

CVSS v2 Score 7.5

References

http://source.android.com/security/bulletin/2016-07-01.html
https://android.googlesource.com/platform/external/sepolicy/+/556bb0f55324e8839d7b735a0de9bc31028e839e
http://source.android.com/security/bulletin/2016-07-01.html
https://android.googlesource.com/platform/external/sepolicy/+/556bb0f55324e8839d7b735a0de9bc31028e839e

Products affected by CVE-2016-3748

Google » Android » Version: 6.0

cpe:2.3:o:google:android:6.0
Google » Android » Version: 6.0.1

cpe:2.3:o:google:android:6.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-3748

Products

Pricing

Contact Us