CVE-2016-10239

Summary

In TrustZone access control policy may potentially be bypassed in all Android releases from CAF using the Linux kernel due to improper input validation an integer overflow vulnerability leading to a buffer overflow could potentially occur and a buffer over-read vulnerability could potentially occur.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.All Qualcomm ProductsAll Android releases from CAF using the Linux kernelaffected

Weaknesses

  • Multiple Vulnerabilities in TrustZone

ADP Enrichment

CVE Program Container

Additional References

References