10

CVE-2016-10419

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, MDM9645, MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, and SDX20, when initializing scheduler object service request, an out of bounds access could occur due to uninitialized object number.

Data is provided by the National Vulnerability Database (NVD)
QualcommMdm9640 Firmware Version-
   QualcommMdm9640 Version-
QualcommMdm9645 Firmware Version-
   QualcommMdm9645 Version-
QualcommMdm9650 Firmware Version-
   QualcommMdm9650 Version-
QualcommMdm9655 Firmware Version-
   QualcommMdm9655 Version-
QualcommSd 450 Firmware Version-
   QualcommSd 450 Version-
QualcommSd 625 Firmware Version-
   QualcommSd 625 Version-
QualcommSd 650 Firmware Version-
   QualcommSd 650 Version-
QualcommSd 652 Firmware Version-
   QualcommSd 652 Version-
QualcommSd 820 Firmware Version-
   QualcommSd 820 Version-
QualcommSd 835 Firmware Version-
   QualcommSd 835 Version-
QualcommSd 845 Firmware Version-
   QualcommSd 845 Version-
QualcommSdx20 Firmware Version-
   QualcommSdx20 Version-
QualcommSd 850 Firmware Version-
   QualcommSd 850 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.22% 0.414
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.securityfocus.com/bid/103671
Third Party Advisory
VDB Entry