CVE-2016-10442
Last modified
CVE-2016-10442 is a vulnerability of currently unknown severity. In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, and MSM8952, when running module or kernel code with improper access control allowing writing to arbitrary regions of memory, the user may utilize this vector to alter module executable code.. EPSS estimates a 1.19% chance of exploitation in the next 30 days.
Description
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, and MSM8952, when running module or kernel code with improper access control allowing writing to arbitrary regions of memory, the user may utilize this vector to alter module executable code.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Mdm9640 Firmware | All versions |
| Qualcomm | Sdm630 Firmware | All versions |
| Qualcomm | Mdm9650 Firmware | All versions |
| Qualcomm | Msm8976 Firmware | All versions |
| Qualcomm | Msm8937 Firmware | All versions |
| Qualcomm | Sdm845 Firmware | All versions |
| Qualcomm | Msm8952 Firmware | All versions |
References
- http://www.securityfocus.com/bid/103671Third Party Advisory, VDB Entry
- https://source.android.com/security/bulletin/2018-04-01Vendor Advisory
- http://www.securityfocus.com/bid/103671Third Party Advisory, VDB Entry
- https://source.android.com/security/bulletin/2018-04-01Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-10442?
How severe is CVE-2016-10442?
How do I fix CVE-2016-10442?
Are you affected by CVE-2016-10442?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST