ID CVE-2016-10442Type cveReporter product-security@qualcomm.comModified 2018-05-01T20:46:00
Description
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, and MSM8952, when running module or kernel code with improper access control allowing writing to arbitrary regions of memory, the user may utilize this vector to alter module executable code.
{"id": "CVE-2016-10442", "bulletinFamily": "NVD", "title": "CVE-2016-10442", "description": "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, and MSM8952, when running module or kernel code with improper access control allowing writing to arbitrary regions of memory, the user may utilize this vector to alter module executable code.", "published": "2018-04-18T14:29:00", "modified": "2018-05-01T20:46:00", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-10442", "reporter": "product-security@qualcomm.com", "references": ["https://source.android.com/security/bulletin/2018-04-01", "http://www.securityfocus.com/bid/103671"], "cvelist": ["CVE-2016-10442"], "type": "cve", "lastseen": "2021-04-22T23:58:40", "edition": 5, "viewCount": 2, "enchantments": {"dependencies": {"modified": "2021-02-02T06:28:01", "references": [], "rev": 2}, "score": {"modified": "2021-02-02T06:28:01", "rev": 2, "value": 4.5, "vector": "NONE"}, "vulnersScore": 4.5}, "cpe": ["cpe:/o:qualcomm:msm8976_firmware:-", "cpe:/o:qualcomm:msm8937_firmware:-", "cpe:/o:qualcomm:sdm845_firmware:-", "cpe:/o:qualcomm:msm8952_firmware:-", "cpe:/o:qualcomm:sdm630_firmware:-", "cpe:/o:qualcomm:mdm9650_firmware:-", "cpe:/o:qualcomm:mdm9640_firmware:-"], "affectedSoftware": [{"cpeName": "qualcomm:mdm9640_firmware", "name": "qualcomm mdm9640 firmware", "operator": "eq", "version": "-"}, {"cpeName": "qualcomm:msm8952_firmware", "name": "qualcomm msm8952 firmware", "operator": "eq", "version": "-"}, {"cpeName": "qualcomm:mdm9650_firmware", "name": "qualcomm mdm9650 firmware", "operator": "eq", "version": "-"}, {"cpeName": "qualcomm:sdm845_firmware", "name": "qualcomm sdm845 firmware", "operator": "eq", "version": "-"}, {"cpeName": "qualcomm:msm8976_firmware", "name": "qualcomm msm8976 firmware", "operator": "eq", "version": "-"}, {"cpeName": "qualcomm:msm8976_firmware", "name": "qualcomm msm8976 firmware", "operator": "eq", "version": "-"}, {"cpeName": "qualcomm:msm8937_firmware", "name": "qualcomm msm8937 firmware", "operator": "eq", "version": "-"}, {"cpeName": "qualcomm:sdm630_firmware", "name": "qualcomm sdm630 firmware", "operator": "eq", "version": "-"}], "cvss2": {"acInsufInfo": true, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "cpe23": ["cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:qualcomm:msm8976_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:qualcomm:msm8937_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:*", "cpe:2.3:o:qualcomm:msm8952_firmware:-:*:*:*:*:*:*:*"], "cwe": ["CWE-284"], "scheme": null, "affectedConfiguration": [{"cpeName": "qualcomm:mdm9640", "name": "qualcomm mdm9640", "operator": "eq", "version": "-"}, {"cpeName": "qualcomm:mdm9650", "name": "qualcomm mdm9650", "operator": "eq", "version": "-"}, {"cpeName": "qualcomm:sdm630", "name": "qualcomm sdm630", "operator": "eq", "version": "-"}, {"cpeName": "qualcomm:sdm845", "name": "qualcomm sdm845", "operator": "eq", "version": "-"}, {"cpeName": "qualcomm:msm8976", "name": "qualcomm msm8976", "operator": "eq", "version": "-"}, {"cpeName": "qualcomm:msm8952", "name": "qualcomm msm8952", "operator": "eq", "version": "-"}, {"cpeName": "qualcomm:msm8937", "name": "qualcomm msm8937", "operator": "eq", "version": "-"}], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"children": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:qualcomm:msm8976_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:h:qualcomm:msm8976:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}], "operator": "OR"}], "cpe_match": [], "operator": "AND"}, {"children": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:qualcomm:msm8976_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:h:qualcomm:msm8976:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}], "operator": "OR"}], "cpe_match": [], "operator": "AND"}, {"children": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:h:qualcomm:sdm845:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}], "cpe_match": [], "operator": "AND"}, {"children": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:qualcomm:msm8952_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:h:qualcomm:msm8952:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}], "operator": "OR"}], "cpe_match": [], "operator": "AND"}, {"children": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:qualcomm:msm8937_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:h:qualcomm:msm8937:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}], "operator": "OR"}], "cpe_match": [], "operator": "AND"}, {"children": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}], "operator": "OR"}], "cpe_match": [], "operator": "AND"}, {"children": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}], "cpe_match": [], "operator": "AND"}, {"children": [{"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false}], "operator": "OR"}, {"children": [], "cpe_match": [{"cpe23Uri": "cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}], "operator": "OR"}], "cpe_match": [], "operator": "AND"}]}, "extraReferences": [{"name": "https://source.android.com/security/bulletin/2018-04-01", "refsource": "CONFIRM", "tags": ["Vendor Advisory"], "url": "https://source.android.com/security/bulletin/2018-04-01"}, {"name": "103671", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/103671"}], "immutableFields": []}
{}
