PT-2018-1221 · Qualcomm+1 · Qualcomm Snapdragon Mobile Sd 810+21
Published
2018-04-02
·
Updated
2018-05-01
·
CVE-2016-10462
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Android versions prior to 2018-04-05 security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SDM630, SDM636, SDM660, and Snapdragon High Med 2016
Description
The issue is related to insufficient access control to resources in the Qualcomm Access Control Policy component of the Android operating system. This could allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. The Access Control policy for HLOS allows access to Slimbus, GPU, GIC resources.
Recommendations
For Android versions prior to 2018-04-05 security patch level on the specified Qualcomm Snapdragon devices, update to a version with a security patch level of 2018-04-05 or later to resolve the issue.
As a temporary workaround, consider restricting access to Slimbus, GPU, GIC resources until a patch is available.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android
Qualcomm Sdm630
Qualcomm Sd 636
Qualcomm Sdm660
Qualcomm Snapdragon Mobile
Qualcomm Snapdragon Mobile Sd 410
Qualcomm Snapdragon Mobile Sd 412
Qualcomm Snapdragon Mobile Sd 415
Qualcomm Snapdragon Mobile Sd 425
Qualcomm Snapdragon Mobile Sd 427
Qualcomm Snapdragon Mobile Sd 430
Qualcomm Snapdragon Mobile Sd 435
Qualcomm Snapdragon Mobile Sd 450
Qualcomm Snapdragon Mobile Sd 615
Qualcomm Snapdragon Mobile Sd 616
Qualcomm Snapdragon Mobile Sd 625
Qualcomm Snapdragon Mobile Sd 650
Qualcomm Snapdragon Mobile Sd 652
Qualcomm Snapdragon Mobile Sd 808
Qualcomm Snapdragon Mobile Sd 810
Qualcomm Snapdragon Mobile Sd 820
Qualcomm Snapdragon Mobile Sd 835