Automated analysis has detected that the following third party packages have had vulnerabilities publicly reported. 

NOTE: There may be several bugs listed below - in almost all cases, all bugs can be quickly addressed by upgrading to the latest version of the package.

Package Name: sys-kernel/chromeos-kernel-3_8
Package Version: [cpe:/o:linux:linux_kernel:3.8.11]


Advisory: CVE-2016-2064
  Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2016-2064
  CVSS severity score: 7.2/10.0
  Confidence: high
  Description:

sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted application that makes an ioctl call specifying many commands.