NAND Memory Partition Overflow Vulnerability in Qualcomm Android Devices

NAND Memory Partition Overflow Vulnerability in Qualcomm Android Devices

CVE-2016-10389 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

In all Qualcomm products with Android releases from CAF using the Linux kernel, there is no size check for the images being flashed onto the NAND memory in their respective partitions, so there is a possibility of writing beyond the intended partition.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.