CVE-2016-10409

Summary

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, and SD 835, TOCTOU vulnerability may occur while composing the RPMB request using HLOS controlled buffers.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Snapdragon Automobile, Snapdragon MobileSD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835affected

Weaknesses

  • TOCTOU vulnerability in secure write protect system calls

ADP Enrichment

CVE Program Container

Additional References

References