CVE-2016-10409

CVE-2016-10409 describes a TOCTOU vulnerability in RPMB request construction on Android devices using Qualcomm platforms (Snapdragon Automotive and Snapdragon Mobile) prior to the 2018-04-05 security patch level. The issue arises when RPMB requests are composed using buffers controlled by the hig...