CVE-2016-10416

Name of the Vulnerable Software and Affected Versions Android versions prior to 2018-04-05 security patch level

Description The issue is related to UE crash due to IPCMem exhaustion when UDP data is sent to the UE's ULP (UserPlane Location protocol) UDP port 7275. This occurs in Android on various Qualcomm Snapdragon Mobile and Snapdragon Wear devices, including MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 820.

Recommendations For Android versions prior to 2018-04-05 security patch level, update to a version with a security patch level of 2018-04-05 or later to resolve the issue. As a temporary workaround, consider restricting access to the UDP port 7275 to minimize the risk of exploitation.