What is CVE-2016-10406?

CVE-2016-10406 is a vulnerability in Android devices running Qualcomm Snapdragon Mobile MDM9650, SD 210/212/205, SD 410/412, SD 430, SD 450, SD 615/616/415/617/625/650/652/808/810/820, and SD 835 before 2018-04-05 or earlier security patch level.

What is the severity level of CVE-2016-10406?

CVE-2016-10406 has a severity level of 7.5 (High).

Which software is affected by CVE-2016-10406?

Android devices running Qualcomm Snapdragon Mobile MDM9650, SD 210/212/205, SD 410/412, SD 430, SD 450, SD 615/616/415/617/625/650/652/808/810/820, and SD 835 before 2018-04-05 or earlier security patch level are affected by CVE-2016-10406.

How can I fix CVE-2016-10406?

Update your Android device to a security patch level after 2018-04-05 to fix CVE-2016-10406.

Where can I find more information about CVE-2016-10406?

You can find more information about CVE-2016-10406 in the following references: [SecurityFocus](http://www.securityfocus.com/bid/103671), [Android Security Bulletin 2018-04-01](https://source.android.com/security/bulletin/2018-04-01), [Android Security Bulletin 2018-04-01 (Details)](https://source.android.com/docs/security/bulletin/2018-04-01/#asterisk).

Vulnerability/
CVE-2016-10406

high

7.5

CWE

200

2/4/2018

18/4/2018

16/9/2024

CVE-2016-10406: Infoleak

First published: Mon Apr 02 2018(Updated: )

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, and SD 835, while printing debug message of a pointer in wlan_qmi_err_cb, the real kernel address will be printed regardless of the kptr_restrict system settings.

Credit: product-security@qualcomm.com

Affected Software	Affected Version	How to fix
Google Android
Qualcomm Mdm9650 Firmware
Qualcomm Mdm9650
Qualcomm Sd 210 Firmware
Qualcomm Sd 210
Qualcomm Sd 212 Firmware
Qualcomm Sd 212
Qualcomm Sd 205 Firmware
Qualcomm Sd 205
Qualcomm Sd 410 Firmware
Qualcomm Sd 410
Qualcomm Sd 412 Firmware
Qualcomm Sd 412
Qualcomm Sd 430 Firmware
Qualcomm Sd 430
Qualcomm Sd 450 Firmware
Qualcomm Sd 450
Qualcomm Sd 615 Firmware
Qualcomm Sd 615
Qualcomm Sd 616 Firmware
Qualcomm Sd 616
Qualcomm Sd 415 Firmware
Qualcomm Sd 415
Qualcomm Sd 617 Firmware
Qualcomm Sd 617
Qualcomm Sd 625 Firmware
Qualcomm Sd 625
Qualcomm Sd 650 Firmware
Qualcomm Sd 650
Qualcomm Sd 652 Firmware
Qualcomm Sd 652
Google Android
Qualcomm Sd 808
Google Android
Qualcomm Sd 810
Qualcomm Sd 820 Firmware
Qualcomm Sd 820
Qualcomm Sd 835 Firmware
Qualcomm Sd 835

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2016-10406?
CVE-2016-10406 is a vulnerability in Android devices running Qualcomm Snapdragon Mobile MDM9650, SD 210/212/205, SD 410/412, SD 430, SD 450, SD 615/616/415/617/625/650/652/808/810/820, and SD 835 before 2018-04-05 or earlier security patch level.
What is the severity level of CVE-2016-10406?
CVE-2016-10406 has a severity level of 7.5 (High).
Which software is affected by CVE-2016-10406?
Android devices running Qualcomm Snapdragon Mobile MDM9650, SD 210/212/205, SD 410/412, SD 430, SD 450, SD 615/616/415/617/625/650/652/808/810/820, and SD 835 before 2018-04-05 or earlier security patch level are affected by CVE-2016-10406.
How can I fix CVE-2016-10406?
Update your Android device to a security patch level after 2018-04-05 to fix CVE-2016-10406.
Where can I find more information about CVE-2016-10406?
You can find more information about CVE-2016-10406 in the following references: [SecurityFocus](http://www.securityfocus.com/bid/103671), [Android Security Bulletin 2018-04-01](https://source.android.com/security/bulletin/2018-04-01), [Android Security Bulletin 2018-04-01 (Details)](https://source.android.com/docs/security/bulletin/2018-04-01/#asterisk).