CVE-2016-10490

2018-04-18 16:29:13 2018-04-24 13:59:54

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, if a negative value is passed as argument "max" to qurt_qdi_state_local_new_handle_from_obj, an buffer overflow occurs, due to typecasting the signed integer to unsigned.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Qualcomm Mdm9206 firmware - (not an official CPE) Qualcomm Mdm9607 firmware - (not an official CPE) Qualcomm Mdm9625 firmware - (not an official CPE) Qualcomm Mdm9635m firmware - (not an official CPE) Qualcomm Mdm9640 firmware - (not an official CPE) Qualcomm Mdm9645 firmware - (not an official CPE) Qualcomm Mdm9650 firmware - (not an official CPE) Qualcomm Mdm9655 firmware - (not an official CPE) Qualcomm Msm8909w firmware - (not an official CPE) Qualcomm Sd 205 firmware - (not an official CPE) Qualcomm Sd 210 firmware - (not an official CPE) Qualcomm Sd 212 firmware - (not an official CPE) Qualcomm Sd 400 firmware - (not an official CPE) Qualcomm Sd 410 firmware - (not an official CPE) Qualcomm Sd 412 firmware - (not an official CPE) Qualcomm Sd 415 firmware - (not an official CPE) Qualcomm Sd 425 firmware - (not an official CPE) Qualcomm Sd 430 firmware - (not an official CPE) Qualcomm Sd 450 firmware - (not an official CPE) Qualcomm Sd 615 firmware - (not an official CPE) Qualcomm Sd 616 firmware - (not an official CPE) Qualcomm Sd 617 firmware - (not an official CPE) Qualcomm Sd 625 firmware - (not an official CPE) Qualcomm Sd 650 firmware - (not an official CPE) Qualcomm Sd 652 firmware - (not an official CPE) Qualcomm Sd 800 firmware - (not an official CPE) Qualcomm Sd 808 firmware - (not an official CPE) Qualcomm Sd 810 firmware - (not an official CPE) Qualcomm Sd 820 firmware - (not an official CPE) Qualcomm Sd 820a firmware - (not an official CPE) Qualcomm Sd 835 firmware - (not an official CPE) Qualcomm Sd 845 firmware - (not an official CPE) Qualcomm Sd 850 firmware - (not an official CPE) Qualcomm Sdx20 firmware - (not an official CPE)

Qualcomm - Mdm9206 firmware Qualcomm - Mdm9607 firmware Qualcomm - Mdm9625 firmware Qualcomm - Mdm9635m firmware Qualcomm - Mdm9640 firmware Qualcomm - Mdm9645 firmware Qualcomm - Mdm9650 firmware Qualcomm - Mdm9655 firmware Qualcomm - Msm8909w firmware Qualcomm - Sd 205 firmware Qualcomm - Sd 210 firmware Qualcomm - Sd 212 firmware Qualcomm - Sd 400 firmware Qualcomm - Sd 410 firmware Qualcomm - Sd 412 firmware Qualcomm - Sd 415 firmware Qualcomm - Sd 425 firmware Qualcomm - Sd 430 firmware Qualcomm - Sd 450 firmware Qualcomm - Sd 615 firmware Qualcomm - Sd 616 firmware Qualcomm - Sd 617 firmware Qualcomm - Sd 625 firmware Qualcomm - Sd 650 firmware Qualcomm - Sd 652 firmware Qualcomm - Sd 800 firmware Qualcomm - Sd 808 firmware Qualcomm - Sd 810 firmware Qualcomm - Sd 820 firmware Qualcomm - Sd 820a firmware Qualcomm - Sd 835 firmware Qualcomm - Sd 845 firmware Qualcomm - Sd 850 firmware Qualcomm - Sdx20 firmware

Advisory	Patch	Confirmed	Link
			https://source.android.com/security/bulletin/2018-04-01
			103671

Numeric Errors (ID 189)