CVE-2016-10408

Summary

QSEE will randomly experience a fatal error during execution due to speculative instruction fetches from device memory. Device memory is not valid executable memory.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon9206 LTE Modemaffected
Qualcomm, Inc.SnapdragonAPQ8037affected
Qualcomm, Inc.SnapdragonSD626affected
Qualcomm, Inc.SnapdragonSD820affected
Qualcomm, Inc.SnapdragonSD821affected

Weaknesses

  • CWE-284: CWE-284 Improper Access Control

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References