Vulnerability Description
In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location.
CVSS Score
9.8
CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | All versions |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/103671
- https://source.android.com/security/bulletin/2017-07-01Vendor Advisory
- https://source.android.com/security/bulletin/2018-04-01
- http://www.securityfocus.com/bid/103671
- https://source.android.com/security/bulletin/2017-07-01Vendor Advisory
- https://source.android.com/security/bulletin/2018-04-01
FAQ
What is CVE-2016-10381?
CVE-2016-10381 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In all Qualcomm products with Android releases from CAF using the Linux kernel, the UE can send unprotected MeasurementReports revealing UE location.
How severe is CVE-2016-10381?
CVE-2016-10381 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2016-10381?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android.