CVE-2016-10386

Summary

In all Qualcomm products with Android releases from CAF using the Linux kernel, an array index out of bounds vulnerability exists in LPP.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Mobile, Snapdragon WearMDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDX20affected

Weaknesses

  • Improper Validation of Array Index in GNSS

ADP Enrichment

CVE Program Container

Additional References

References