Vulnerability Description
In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP.
CVSS Score
9.8
CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | All versions |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/103671
- https://source.android.com/security/bulletin/2017-07-01Vendor Advisory
- https://source.android.com/security/bulletin/2018-04-01
- http://www.securityfocus.com/bid/103671
- https://source.android.com/security/bulletin/2017-07-01Vendor Advisory
- https://source.android.com/security/bulletin/2018-04-01
FAQ
What is CVE-2016-10386?
CVE-2016-10386 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP.
How severe is CVE-2016-10386?
CVE-2016-10386 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2016-10386?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android.