cvelist/2016/10xxx/CVE-2016-10442.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "product-security@qualcomm.com",
      "DATE_PUBLIC" : "2018-04-02T00:00:00",
      "ID" : "CVE-2016-10442",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "Snapdragon Mobile",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, MSM8952"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "Qualcomm, Inc."
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, and MSM8952, when running module or kernel code with improper access control allowing writing to arbitrary regions of memory, the user may utilize this vector to alter module executable code."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "Code injection vulnerability when using kernel modules"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "https://source.android.com/security/bulletin/2018-04-01",
            "refsource" : "CONFIRM",
            "url" : "https://source.android.com/security/bulletin/2018-04-01"
         },
         {
            "name" : "103671",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/103671"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
- Added submission from Qualcomm for closed-source components 2014-2016 cumulative update in Android Security Bulletin - April 2018 from 2018-04-02. 2018-04-18 08:13:54 -04:00			`"ASSIGNER" : "product-security@qualcomm.com",`
			`"DATE_PUBLIC" : "2018-04-02T00:00:00",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"ID" : "CVE-2016-10442",`
- Added submission from Qualcomm for closed-source components 2014-2016 cumulative update in Android Security Bulletin - April 2018 from 2018-04-02. 2018-04-18 08:13:54 -04:00			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "Snapdragon Mobile",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, MSM8952"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "Qualcomm, Inc."`
			`}`
			`]`
			`}`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
- Synchronized data. 2018-04-18 10:02:39 -04:00			`"value" : "In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, and MSM8952, when running module or kernel code with improper access control allowing writing to arbitrary regions of memory, the user may utilize this vector to alter module executable code."`
- Added submission from Qualcomm for closed-source components 2014-2016 cumulative update in Android Security Bulletin - April 2018 from 2018-04-02. 2018-04-18 08:13:54 -04:00			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "Code injection vulnerability when using kernel modules"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Synchronized data. 2018-04-18 10:02:39 -04:00			`"name" : "https://source.android.com/security/bulletin/2018-04-01",`
			`"refsource" : "CONFIRM",`
- Added submission from Qualcomm for closed-source components 2014-2016 cumulative update in Android Security Bulletin - April 2018 from 2018-04-02. 2018-04-18 08:13:54 -04:00			`"url" : "https://source.android.com/security/bulletin/2018-04-01"`
- Synchronized data. 2018-04-19 06:04:42 -04:00			`},`
			`{`
			`"name" : "103671",`
			`"refsource" : "BID",`
			`"url" : "http://www.securityfocus.com/bid/103671"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
			`]`
			`}`
			`}`