CVE-2016-10277

Name of the Vulnerable Software and Affected Versions Android versions Kernel-3.10, Kernel-3.18

Description The issue is related to an elevation of privilege vulnerability in the Motorola bootloader, which could allow a local malicious application to execute arbitrary code within the context of the bootloader. This may lead to a local permanent device compromise, requiring reflashing the operating system to repair the device. The vulnerability is also described as being related to insufficient access control in the Motorola bootloader, potentially allowing an attacker to execute arbitrary code.

Recommendations For Android versions Kernel-3.10, Kernel-3.18, consider restricting access to the bootloader until a patch is available. As a temporary workaround, avoid using the vulnerable bootloader functionality until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.