CVE-2016-10458 in Androidinformation

Résumé

par MITRE

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, and Snapdragon_High_Med_2016, the 'proper' solution for this will be to ensure that any users of qsee_log in the bootchain (before Linux boots) unallocate their buffers and clear the qsee_log pointer. Until support for that is implemented in TZ and the bootloader, enable tz_log to avoid potential scribbling. This solution will prevent the linux kernel memory corruption.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Réserver

16/08/2017

Divulgation

18/04/2018

Modérer

accepté

Entrée

VDB-116518

CPE

prêt

EPSS

0.01363

KEV

non

Activités

très faible

Secteur

Finance, Police, ...

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2016-10458
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2016-10458
CVE Detailshttps://www.cvedetails.com/cve/CVE-2016-10458/

PrécédentAperçuSuivant

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!