CVE-2016-10381

Name of the Vulnerable Software and Affected Versions Android versions (affected versions not specified) Qualcomm products with Android releases from CAF using the Linux kernel (affected versions not specified)

Description The issue is related to errors in the layout of a component in the Android CAF build operating system. It may allow a remote attacker to compromise the confidentiality, integrity, and availability of protected information when the UE engine sends unprotected MeasurementReports, revealing the UE engine's location.

Recommendations For Android, update the operating system to a version that includes the fix for this issue, if available. For Qualcomm products with Android releases from CAF using the Linux kernel, consider restricting access to the UE location data until a patch is available. As a temporary workaround, consider disabling the sending of MeasurementReports by the UE engine until a patch is available.