CVE-2016-10442
CRITICALQualcomm MDM9640 SDM630 MSM8976 MSM8937 SDM845 MSM8952 Firmware - Improper Access Control
Title source: llmDescription
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, and MSM8952, when running module or kernel code with improper access control allowing writing to arbitrary regions of memory, the user may utilize this vector to alter module executable code.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2018-04-01
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/103671
Scores
CVSS v3
9.8
EPSS
0.0017
EPSS Percentile
37.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-284
Status
published
Products (7)
qualcomm/mdm9640_firmware
qualcomm/mdm9650_firmware
qualcomm/msm8937_firmware
qualcomm/msm8952_firmware
qualcomm/msm8976_firmware
qualcomm/sdm630_firmware
qualcomm/sdm845_firmware
Published
Apr 18, 2018
Tracked Since
Feb 18, 2026