Incorrect Configuration of OCIMEM MPU Allows NonSecure Software Access to TZ Memory in Qualcomm Snapdragon Devices

Incorrect Configuration of OCIMEM MPU Allows NonSecure Software Access to TZ Memory in Qualcomm Snapdragon Devices

CVE-2016-10446 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 820, SD 820A, and SD 835, incorrect configuration of the OCIMEM MPU may provide NonSecure Software access to OCIMEM memory used by TZ.

Learn more about our Cis Benchmark Audit For Google Android.