CVE-2016-10493: Buffer Overflow
First published: Mon Apr 02 2018(Updated: )
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, NPA routines on the rootPD that handle resource requests remoted over QDI may not validate pointers passed from user space which may result in guest OS memory corruption.
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| Qualcomm MDM9206 | ||
| Qualcomm MDM9206 firmware | ||
| Qualcomm MD9607 Firmware | ||
| Qualcomm MDM9607 firmware | ||
| Qualcomm MDM9635M firmware | ||
| Qualcomm MDM9635M firmware | ||
| Qualcomm MDM9640 Firmware | ||
| Qualcomm MDM9640 Firmware | ||
| Qualcomm MDM9645 | ||
| Qualcomm MDM9645 | ||
| Qualcomm MDM9650 | ||
| Qualcomm MDM9650 firmware | ||
| Qualcomm MDM9655 firmware | ||
| Qualcomm MDM9655 firmware | ||
| Qualcomm 8909 Firmware | ||
| Qualcomm Snapdragon 8909 | ||
| Qualcomm SD210 Firmware | ||
| Qualcomm SD 210 Firmware | ||
| Qualcomm SD 212 | ||
| Qualcomm SD 212 Firmware | ||
| Qualcomm 205 Firmware | ||
| Qualcomm SD205 Firmware | ||
| Qualcomm SDR425 Firmware | ||
| Qualcomm Snapdragon 425 | ||
| Qualcomm SD 430 Firmware | ||
| Qualcomm SD 430 Firmware | ||
| Qualcomm SDM450 Firmware | ||
| Qualcomm SDM450 | ||
| Qualcomm Snapdragon 415 Firmware | ||
| Qualcomm Snapdragon 415 | ||
| Qualcomm SD617 Firmware | ||
| Qualcomm QCA617 | ||
| Qualcomm SD 625 Firmware | ||
| Qualcomm Snapdragon 625 | ||
| Qualcomm SD650 Firmware | ||
| Qualcomm Snapdragon 650 | ||
| Qualcomm SD652 Firmware | ||
| Qualcomm SD652 Firmware | ||
| Qualcomm SD 808 Firmware | ||
| Qualcomm Snapdragon 808 | ||
| Qualcomm Snapdragon 810 Firmware | ||
| Qualcomm Snapdragon 810 | ||
| Qualcomm SD820 Firmware | ||
| Qualcomm SD820 Firmware | ||
| Qualcomm SD835 Firmware | ||
| Qualcomm Snapdragon 835 | ||
| Qualcomm SDA845 Firmware | ||
| Qualcomm SD845 | ||
| Qualcomm SDX20 Firmware | ||
| Qualcomm SDX20 Firmware | ||
| Qualcomm SD850 Firmware | ||
| Qualcomm SD850 | ||
| Qualcomm SD820A Firmware | ||
| Qualcomm SD820A Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-10493?
The severity of CVE-2016-10493 is critical with a severity value of 9.8.
Which software versions are affected by CVE-2016-10493?
Android before 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear devices are affected.
How can I fix CVE-2016-10493?
Apply the security patch level of 2018-04-05 or later on affected devices.
What is the Common Weakness Enumeration (CWE) for CVE-2016-10493?
The Common Weakness Enumeration (CWE) for CVE-2016-10493 is 119.
Where can I find more information about CVE-2016-10493?
You can find more information about CVE-2016-10493 at the following references: [1](http://www.securityfocus.com/bid/103671), [2](https://source.android.com/security/bulletin/2018-04-01), [3](https://source.android.com/docs/security/bulletin/2018-04-01/#asterisk).
- agent/references
- agent/type
- agent/first-publish-date
- agent/author
- agent/weakness
- agent/severity
- agent/description
- agent/event
- agent/last-modified-date
- agent/source
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- vendor/google
- canonical/android
- vendor/qualcomm
- canonical/qualcomm mdm9206
- canonical/qualcomm mdm9206 firmware
- canonical/qualcomm md9607 firmware
- canonical/qualcomm mdm9607 firmware
- canonical/qualcomm mdm9635m firmware
- canonical/qualcomm mdm9640 firmware
- canonical/qualcomm mdm9645
- canonical/qualcomm mdm9650
- canonical/qualcomm mdm9650 firmware
- canonical/qualcomm mdm9655 firmware
- canonical/qualcomm 8909 firmware
- canonical/qualcomm snapdragon 8909
- canonical/qualcomm sd210 firmware
- canonical/qualcomm sd 210 firmware
- canonical/qualcomm sd 212
- canonical/qualcomm sd 212 firmware
- canonical/qualcomm 205 firmware
- canonical/qualcomm sd205 firmware
- canonical/qualcomm sdr425 firmware
- canonical/qualcomm snapdragon 425
- canonical/qualcomm sd 430 firmware
- canonical/qualcomm sdm450 firmware
- canonical/qualcomm sdm450
- canonical/qualcomm snapdragon 415 firmware
- canonical/qualcomm snapdragon 415
- canonical/qualcomm sd617 firmware
- canonical/qualcomm qca617
- canonical/qualcomm sd 625 firmware
- canonical/qualcomm snapdragon 625
- canonical/qualcomm sd650 firmware
- canonical/qualcomm snapdragon 650
- canonical/qualcomm sd652 firmware
- canonical/qualcomm sd 808 firmware
- canonical/qualcomm snapdragon 808
- canonical/qualcomm snapdragon 810 firmware
- canonical/qualcomm snapdragon 810
- canonical/qualcomm sd820 firmware
- canonical/qualcomm sd835 firmware
- canonical/qualcomm snapdragon 835
- canonical/qualcomm sda845 firmware
- canonical/qualcomm sd845
- canonical/qualcomm sdx20 firmware
- canonical/qualcomm sd850 firmware
- canonical/qualcomm sd850
- canonical/qualcomm sd820a firmware