Memory Corruption Vulnerability in Qualcomm Snapdragon Devices

Memory Corruption Vulnerability in Qualcomm Snapdragon Devices

CVE-2016-10493 · HIGH Severity

AV:N/AC:L/AU:N/C:C/I:C/A:C

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, NPA routines on the rootPD that handle resource requests remoted over QDI may not validate pointers passed from user space which may result in guest OS memory corruption.

Learn more about our Cis Benchmark Audit For Google Android.