Vulnerability Description
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, and MSM8952, when running module or kernel code with improper access control allowing writing to arbitrary regions of memory, the user may utilize this vector to alter module executable code.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qualcomm | Mdm9640 Firmware | - |
| Qualcomm | Mdm9640 | - |
| Qualcomm | Sdm630 Firmware | - |
| Qualcomm | Sdm630 | - |
| Qualcomm | Mdm9650 Firmware | - |
| Qualcomm | Mdm9650 | - |
| Qualcomm | Msm8976 Firmware | - |
| Qualcomm | Msm8976 | - |
| Qualcomm | Msm8937 Firmware | - |
| Qualcomm | Msm8937 | - |
| Qualcomm | Sdm845 Firmware | - |
| Qualcomm | Sdm845 | - |
| Qualcomm | Msm8952 Firmware | - |
| Qualcomm | Msm8952 | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/103671Third Party AdvisoryVDB Entry
- https://source.android.com/security/bulletin/2018-04-01Vendor Advisory
- http://www.securityfocus.com/bid/103671Third Party AdvisoryVDB Entry
- https://source.android.com/security/bulletin/2018-04-01Vendor Advisory
FAQ
What is CVE-2016-10442?
CVE-2016-10442 is a vulnerability with a CVSS score of 9.8 (CRITICAL). In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, and MSM8952, when running module or kernel code with impr...
How severe is CVE-2016-10442?
CVE-2016-10442 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2016-10442?
Check the references section above for vendor advisories and patch information. Affected products include: Qualcomm Mdm9640 Firmware, Qualcomm Mdm9640, Qualcomm Sdm630 Firmware, Qualcomm Sdm630, Qualcomm Mdm9650 Firmware.