Vulnerability Name: CVE-2016-10498 (CCN-142514) Assigned: 2017-08-16 Published: 2018-04-04 Updated: 2018-04-24 Summary: In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, MDM9645, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, stopping of the DTR prematurely causes micro kernel to be stuck. This can be triggered with a timing change injectable in RACH procedure. CVSS v3 Severity: 9.8 Critical (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 8.5 High (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): NetworkAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): HighIntegrity (I): HighAvailibility (A): High
6.2 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 5.4 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C Exploitability Metrics: Attack Vector (AV): LocalAttack Complexity (AC): LowPrivileges Required (PR): NoneUser Interaction (UI): NoneScope: Scope (S): UnchangedImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): High
CVSS v2 Severity: 10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C Exploitability Metrics: Access Vector (AV): NetworkAccess Complexity (AC): LowAuthentication (Au): NoneImpact Metrics: Confidentiality (C): CompleteIntegrity (I): CompleteAvailibility (A): Complete
4.9 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C Exploitability Metrics: Access Vector (AV): LocalAccess Complexity (AC): LowAthentication (Au): NoneImpact Metrics: Confidentiality (C): NoneIntegrity (I): NoneAvailibility (A): Complete
Vulnerability Type: CWE-74 Vulnerability Consequences: Denial of Service References: Source: MITRECVE-2016-10498 103671 Google Android Multiple Qualcomm Components Multiple Unspecified Security Vulnerabilities Android android-cve201610498-dos(142514) Android Security Bulletin—April 2018 https://source.android.com/security/bulletin/2018-04-01 Vulnerable Configuration: Configuration 1 :cpe:/o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:mdm9206:-:*:*:*:*:*:*:* Configuration 2 :cpe:/o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:mdm9607:-:*:*:*:*:*:*:* Configuration 3 :cpe:/o:qualcomm:mdm9615_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:mdm9615:-:*:*:*:*:*:*:* Configuration 4 :cpe:/o:qualcomm:mdm9625_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:mdm9625:-:*:*:*:*:*:*:* Configuration 5 :cpe:/o:qualcomm:mdm9635m_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:mdm9635m:-:*:*:*:*:*:*:* Configuration 6 :cpe:/o:qualcomm:mdm9645_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:mdm9645:-:*:*:*:*:*:*:* Configuration 7 :cpe:/o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:mdm9650:-:*:*:*:*:*:*:* Configuration 8 :cpe:/o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:mdm9655:-:*:*:*:*:*:*:* Configuration 9 :cpe:/o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_210:-:*:*:*:*:*:*:* Configuration 10 :cpe:/o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_212:-:*:*:*:*:*:*:* Configuration 11 :cpe:/o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_205:-:*:*:*:*:*:*:* Configuration 12 :cpe:/o:qualcomm:sd_400_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_400:-:*:*:*:*:*:*:* Configuration 13 :cpe:/o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_410:-:*:*:*:*:*:*:* Configuration 14 :cpe:/o:qualcomm:sd_412_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_412:-:*:*:*:*:*:*:* Configuration 15 :cpe:/o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_425:-:*:*:*:*:*:*:* Configuration 16 :cpe:/o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_430:-:*:*:*:*:*:*:* Configuration 17 :cpe:/o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_450:-:*:*:*:*:*:*:* Configuration 18 :cpe:/o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_615:-:*:*:*:*:*:*:* Configuration 19 :cpe:/o:qualcomm:sd_616_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_616:-:*:*:*:*:*:*:* Configuration 20 :cpe:/o:qualcomm:sd_415_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_415:-:*:*:*:*:*:*:* Configuration 21 :cpe:/o:qualcomm:sd_617_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_617:-:*:*:*:*:*:*:* Configuration 22 :cpe:/o:qualcomm:sd_625_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_625:-:*:*:*:*:*:*:* Configuration 23 :cpe:/o:qualcomm:sd_650_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_650:-:*:*:*:*:*:*:* Configuration 24 :cpe:/o:qualcomm:sd_652_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_652:-:*:*:*:*:*:*:* Configuration 25 :cpe:/o:qualcomm:sd_427_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_427:-:*:*:*:*:*:*:* Configuration 26 :cpe:/o:qualcomm:sd_435_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_435:-:*:*:*:*:*:*:* Configuration 27 :cpe:/o:qualcomm:sd_810_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sd_810:-:*:*:*:*:*:*:* Configuration 28 :cpe:/o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sdm630:-:*:*:*:*:*:*:* Configuration 29 :cpe:/o:qualcomm:sdm636_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sdm636:-:*:*:*:*:*:*:* Configuration 30 :cpe:/o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:* AND cpe:/h:qualcomm:sdm660:-:*:*:*:*:*:*:* Configuration CCN 1 :cpe:/o:google:android:*:*:*:*:*:*:*:* BACK
qualcomm mdm9206 firmware -
qualcomm mdm9206 -
qualcomm mdm9607 firmware -
qualcomm mdm9607 -
qualcomm mdm9615 firmware -
qualcomm mdm9615 -
qualcomm mdm9625 firmware -
qualcomm mdm9625 -
qualcomm mdm9635m firmware -
qualcomm mdm9635m -
qualcomm mdm9645 firmware -
qualcomm mdm9645 -
qualcomm mdm9650 firmware -
qualcomm mdm9650 -
qualcomm mdm9655 firmware -
qualcomm mdm9655 -
qualcomm sd 210 firmware -
qualcomm sd 210 -
qualcomm sd 212 firmware -
qualcomm sd 212 -
qualcomm sd 205 firmware -
qualcomm sd 205 -
qualcomm sd 400 firmware -
qualcomm sd 400 -
qualcomm sd 410 firmware -
qualcomm sd 410 -
qualcomm sd 412 firmware -
qualcomm sd 412 -
qualcomm sd 425 firmware -
qualcomm sd 425 -
qualcomm sd 430 firmware -
qualcomm sd 430 -
qualcomm sd 450 firmware -
qualcomm sd 450 -
qualcomm sd 615 firmware -
qualcomm sd 615 -
qualcomm sd 616 firmware -
qualcomm sd 616 -
qualcomm sd 415 firmware -
qualcomm sd 415 -
qualcomm sd 617 firmware -
qualcomm sd 617 -
qualcomm sd 625 firmware -
qualcomm sd 625 -
qualcomm sd 650 firmware -
qualcomm sd 650 -
qualcomm sd 652 firmware -
qualcomm sd 652 -
qualcomm sd 427 firmware -
qualcomm sd 427 -
qualcomm sd 435 firmware -
qualcomm sd 435 -
qualcomm sd 810 firmware -
qualcomm sd 810 -
qualcomm sdm630 firmware -
qualcomm sdm630 -
qualcomm sdm636 firmware -
qualcomm sdm636 -
qualcomm sdm660 firmware -
qualcomm sdm660 -
google android *
Denotes that component is vulnerable