Vulnerability Details CVE-2016-10409
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, and SD 835, TOCTOU vulnerability may occur while composing the RPMB request using HLOS controlled buffers.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 38.7%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 9.3
References
Products affected by CVE-2016-10409
-
cpe:2.3:h:qualcomm:sd_425:-
-
cpe:2.3:h:qualcomm:sd_430:-
-
cpe:2.3:h:qualcomm:sd_450:-
-
cpe:2.3:h:qualcomm:sd_625:-
-
cpe:2.3:h:qualcomm:sd_650:-
-
cpe:2.3:h:qualcomm:sd_652:-
-
cpe:2.3:h:qualcomm:sd_820:-
-
cpe:2.3:h:qualcomm:sd_820a:-
-
cpe:2.3:h:qualcomm:sd_835:-
-
cpe:2.3:o:qualcomm:sd_425_firmware:-
-
cpe:2.3:o:qualcomm:sd_430_firmware:-
-
cpe:2.3:o:qualcomm:sd_450_firmware:-
-
cpe:2.3:o:qualcomm:sd_625_firmware:-
-
cpe:2.3:o:qualcomm:sd_650_firmware:-
-
cpe:2.3:o:qualcomm:sd_652_firmware:-
-
cpe:2.3:o:qualcomm:sd_820_firmware:-
-
cpe:2.3:o:qualcomm:sd_820a_firmware:-
-
cpe:2.3:o:qualcomm:sd_835_firmware:-