Vulnerability CVE-2016-10442


Published: 2018-04-18

Description:
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, and MSM8952, when running module or kernel code with improper access control allowing writing to arbitrary regions of memory, the user may utilize this vector to alter module executable code.

Type:

CWE-284

(Improper Access Control)

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Qualcomm -> Mdm9640 firmware 
Qualcomm -> Mdm9650 firmware 
Qualcomm -> Msm8937 firmware 
Qualcomm -> Msm8952 firmware 
Qualcomm -> Msm8976 firmware 
Qualcomm -> Sdm630 firmware 
Qualcomm -> Sdm845 firmware 

 References:
http://www.securityfocus.com/bid/103671
https://source.android.com/security/bulletin/2018-04-01

Copyright 2022, cxsecurity.com

 

Back to Top