3 matches found
EUVD-2016-1591
Malware in sbrugna...
Cross site request forgery (csrf)
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, and SD 835, TOCTOU vulnerability may occur while composing the RPMB request using HLOS controlled buffers...
CVE-2016-10409
CVE-2016-10409 describes a TOCTOU vulnerability in RPMB request construction on Android devices using Qualcomm platforms (Snapdragon Automotive and Snapdragon Mobile) prior to the 2018-04-05 security patch level. The issue arises when RPMB requests are composed using buffers controlled by the hig...