Vulnerabilities > CVE-2016-10496 - NULL Pointer Dereference vulnerability in Qualcomm products

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

qualcomm

CWE-476

critical

NVD

Published: 2018-04-18

Updated: 2018-05-01

Summary

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, SD 210/SD 212/SD 205, SD 410/12, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, and SD 810, A NULL pointer dereference can occur during an SSL handshake.

Vulnerable Configurations

Part	Description	Count
OS	Qualcomm Qualcomm Mdm9635M Firmware - Qualcomm SD 210 Firmware - Qualcomm SD 212 Firmware - Qualcomm SD 205 Firmware - Qualcomm SD 410 Firmware - Qualcomm SD 412 Firmware - Qualcomm SD 450 Firmware - Qualcomm SD 615 Firmware - Qualcomm SD 616 Firmware - Qualcomm SD 415 Firmware - Qualcomm SD 625 Firmware - Qualcomm SD 650 Firmware - Qualcomm SD 652 Firmware - Qualcomm SD 808 Firmware - Qualcomm SD 810 Firmware -	15
Hardware	Qualcomm Qualcomm Mdm9635M - Qualcomm SD 210 - Qualcomm SD 212 - Qualcomm SD 205 - Qualcomm SD 410 - Qualcomm SD 412 - Qualcomm SD 450 - Qualcomm SD 615 - Qualcomm SD 616 - Qualcomm SD 415 - Qualcomm SD 625 - Qualcomm SD 650 - Qualcomm SD 652 - Qualcomm SD 808 - Qualcomm SD 810 -	15

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

References