High severity7.8NVD Advisory· Published May 5, 2016· Updated May 6, 2026

CVE-2016-2062

Description

The adreno_perfcounter_query_group function in drivers/gpu/msm/adreno_perfcounter.c in the Adreno GPU driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, uses an incorrect integer data type, which allows attackers to cause a denial of service (integer overflow, heap-based buffer overflow, and incorrect memory allocation) or possibly have unspecified other impact via a crafted IOCTL_KGSL_PERFCOUNTER_QUERY ioctl call.

Affected products

Google/Nexus 5x Firmware
cpe:2.3:o:google:nexus_5x_firmware:-:*:*:*:*:*:*:*
Google/Nexus 6p Firmware
cpe:2.3:o:google:nexus_6p_firmware:-:*:*:*:*:*:*:*
Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: >=3.0,<=3.19.8

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

source.android.com/security/bulletin/2016-06-01.htmlnvdPatchVendor Advisory
codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/nvdMailing ListPatchThird Party Advisory
www.securitytracker.com/id/1035766nvdThird Party AdvisoryVDB Entry
www.codeaurora.org/buffer-overflow-adreno-gpu-msm-driver-cve-2016-2062nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000