Buffer Overflow Vulnerability in Snapdragon Mobile and Wear Products by Qualcomm
CVE-2016-10412

9.8CRITICAL

Key Information:

Vendor: Qualcomm
Status: Small Cell Soc , Snapdragon Mobile, Snapdragon Wear
Vendor: CVE Published:; 18 April 2018

What is CVE-2016-10412?

An integer overflow vulnerability exists in the memory API functions of Qualcomm's Snapdragon Mobile and Wear products. This flaw may allow attackers to exploit the overflow condition, leading to possible buffer overflows. Affected devices include various Snapdragon processors, introducing risks that may compromise device integrity and user data. Users are encouraged to apply the latest security patches to mitigate potential exploits associated with this vulnerability.

Affected Version(s)

Small Cell SoC , Snapdragon Mobile, Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SDX20

References

https://source.android.com/security/bulletin/2018-04-01

x_refsource_CONFIRM

http://www.securityfocus.com/bid/103671

vdb-entryx_refsource_BID

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 18, 2018
Vulnerability Reserved
Aug 16, 2017