High severity7.8NVD Advisory· Published Jul 11, 2016· Updated May 6, 2026

CVE-2016-2068

Description

The MSM QDSP6 audio driver (aka sound driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (integer overflow, and buffer overflow or buffer over-read) via a crafted application that performs a (1) AUDIO_EFFECTS_WRITE or (2) AUDIO_EFFECTS_READ operation, aka Qualcomm internal bug CR1006609.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

source.android.com/security/bulletin/2016-07-01.htmlnvdPatchVendor Advisory
source.codeaurora.org/quic/la/kernel/msm-3.10/commit/nvdMailing ListPatchThird Party Advisory
us.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/nvdMailing ListPatchThird Party Advisory
us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/nvdMailing ListPatchThird Party Advisory
www.codeaurora.org/multiple-vulnerabilities-msm-qdsp6-audio-driver-allow-kernel-memory-corruption-cve-2016-2068-0nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000