CVE-2016-10391

Summary

In all Qualcomm products with Android releases from CAF using the Linux kernel, the length in an HCI command is not properly checked for validity.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.All Qualcomm productsAll Android releases from CAF using the Linux kernelaffected

Weaknesses

  • Reachable Assertion in Bluetooth

ADP Enrichment

CVE Program Container

Additional References

References