Lucene search

[email protected]CVE-2016-10490

HistoryApr 18, 2018 - 2:29 p.m.

CVE-2016-10490

2018-04-1814:29:13

CWE-189

[email protected]

web.nvd.nist.gov

cve-2016-10490

buffer overflow

qualcomm snapdragon

android

security patch

vulnerability

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

56.0%

JSON

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, if a negative value is passed as argument “max” to qurt_qdi_state_local_new_handle_from_obj, an buffer overflow occurs, due to typecasting the signed integer to unsigned.

Affected configurations

NVD

Node

qualcommmdm9206_firmwareMatch-

AND

qualcommmdm9206Match-

Node

qualcommmdm9607_firmwareMatch-

AND

qualcommmdm9607Match-

Node

qualcommmdm9625_firmwareMatch-

AND

qualcommmdm9625Match-

Node

qualcommmdm9635m_firmwareMatch-

AND

qualcommmdm9635mMatch-

Node

qualcommmdm9640_firmwareMatch-

AND

qualcommmdm9640Match-

Node

qualcommmdm9645_firmwareMatch-

AND

qualcommmdm9645Match-

Node

qualcommmdm9650_firmwareMatch-

AND

qualcommmdm9650Match-

Node

qualcommmdm9655_firmwareMatch-

AND

qualcommmdm9655Match-

Node

qualcommmsm8909w_firmwareMatch-

AND

qualcommmsm8909wMatch-

Node

qualcommsd_210_firmwareMatch-

AND

qualcommsd_210Match-

Node

qualcommsd_212_firmwareMatch-

AND

qualcommsd_212Match-

Node

qualcommsd_205_firmwareMatch-

AND

qualcommsd_205Match-

Node

qualcommsd_400_firmwareMatch-

AND

qualcommsd_400Match-

Node

qualcommsd_410_firmwareMatch-

AND

qualcommsd_410Match-

Node

qualcommsd_412_firmwareMatch-

AND

qualcommsd_412Match-

Node

qualcommsd_425_firmwareMatch-

AND

qualcommsd_425Match-

Node

qualcommsd_430_firmwareMatch-

AND

qualcommsd_430Match-

Node

qualcommsd_450_firmwareMatch-

AND

qualcommsd_450Match-

Node

qualcommsd_615_firmwareMatch-

AND

qualcommsd_615Match-

Node

qualcommsd_616_firmwareMatch-

AND

qualcommsd_616Match-

Node

qualcommsd_415_firmwareMatch-

AND

qualcommsd_415Match-

Node

qualcommsd_617_firmwareMatch-

AND

qualcommsd_617Match-

Node

qualcommsd_625_firmwareMatch-

AND

qualcommsd_625Match-

Node

qualcommsd_650_firmwareMatch-

AND

qualcommsd_650Match-

Node

qualcommsd_652_firmwareMatch-

AND

qualcommsd_652Match-

Node

qualcommsd_800_firmwareMatch-

AND

qualcommsd_800Match-

Node

qualcommsd_808_firmwareMatch-

AND

qualcommsd_808Match-

Node

qualcommsd_810_firmwareMatch-

AND

qualcommsd_810Match-

Node

qualcommsd_820_firmwareMatch-

AND

qualcommsd_820Match-

Node

qualcommsd_835_firmwareMatch-

AND

qualcommsd_835Match-

Node

qualcommsd_845_firmwareMatch-

AND

qualcommsd_845Match-

Node

qualcommsdx20_firmwareMatch-

AND

qualcommsdx20Match-

Node

qualcommsd_850_firmwareMatch-

AND

qualcommsd_850Match-

Node

qualcommsd_820a_firmwareMatch-

AND

qualcommsd_820aMatch-

CPENameOperatorVersion
qualcomm:mdm9206_firmwarequalcomm mdm9206 firmwareeq-
qualcomm:mdm9607_firmwarequalcomm mdm9607 firmwareeq-
qualcomm:mdm9625_firmwarequalcomm mdm9625 firmwareeq-
qualcomm:mdm9635m_firmwarequalcomm mdm9635m firmwareeq-
qualcomm:mdm9640_firmwarequalcomm mdm9640 firmwareeq-
qualcomm:mdm9645_firmwarequalcomm mdm9645 firmwareeq-
qualcomm:mdm9650_firmwarequalcomm mdm9650 firmwareeq-
qualcomm:mdm9655_firmwarequalcomm mdm9655 firmwareeq-
qualcomm:msm8909w_firmwarequalcomm msm8909w firmwareeq-
qualcomm:sd_210_firmwarequalcomm sd 210 firmwareeq-

CPE	Name	Operator	Version
qualcomm:mdm9206_firmware	qualcomm mdm9206 firmware	eq	-
qualcomm:mdm9607_firmware	qualcomm mdm9607 firmware	eq	-
qualcomm:mdm9625_firmware	qualcomm mdm9625 firmware	eq	-
qualcomm:mdm9635m_firmware	qualcomm mdm9635m firmware	eq	-
qualcomm:mdm9640_firmware	qualcomm mdm9640 firmware	eq	-
qualcomm:mdm9645_firmware	qualcomm mdm9645 firmware	eq	-
qualcomm:mdm9650_firmware	qualcomm mdm9650 firmware	eq	-
qualcomm:mdm9655_firmware	qualcomm mdm9655 firmware	eq	-
qualcomm:msm8909w_firmware	qualcomm msm8909w firmware	eq	-
qualcomm:sd_210_firmware	qualcomm sd 210 firmware	eq	-

Rows per page:

1-10 of 341

References

www.securityfocus.com/bid/103671

source.android.com/security/bulletin/2018-04-01

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

10 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.002 Low

EPSS

Percentile

56.0%

JSON

Related for CVE-2016-10490

prion1 nvd1 cvelist1