CVE-2016-10434 in Androidinformazioni

Riassunto

di MITRE

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 820 and SD 820A, the input to RPMB write response function is a buffer from HLOS that needs to be authenticated (using HMAC) and then processed. However, some of the processing occurs before the buffer is authenticated. The function will return various types of errors depending on the values of the `response` and `result` fields of the buffer before verifying the HMAC tag.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

16/08/2017

Divulgazione

18/04/2018

Moderazione

accettato

Voce

VDB-116495

CPE

pronto

CWE

CWE-287 (confermato)

CVSS

7.5 (NVD)

EPSS

0.00852

KEV

Attività

molto basso

Settore

Insurance, Lawfirm, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-10434
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-10434
CVE Details	https://www.cvedetails.com/cve/CVE-2016-10434/

◂ Precedente Visione D'ensemble Il prossimo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!