CVE-2016-10475

9.8 CRITICAL

📋 TL;DR

This vulnerability affects Android devices built on the listed Qualcomm Snapdragon chipsets: an integer overflow in a Qualcomm-supplied component can lead to a buffer overflow. An attacker who triggers it could potentially execute arbitrary code or cause a denial of service. Affected devices are those whose Android security patch level is earlier than 2018-04-05, the April 2018 level that carries the Qualcomm component fixes.

💻 Affected Systems

Products:
  • Android devices with Qualcomm Snapdragon processors
Versions: Android builds with a security patch level earlier than 2018-04-05 (April 2018 bulletin, Qualcomm components level)
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Specifically affects SD 210/SD 212/SD 205, SD 400, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 820 chipsets.

📦 What is this software?

Qualcomm Snapdragon is a family of mobile system-on-chip platforms. Qualcomm supplies the kernel drivers and firmware for these chips, OEMs ship them in their Android builds, and fixes for them reach devices through OEM firmware updates tracked in the "Qualcomm components" section of the monthly Android security bulletins.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete device compromise, data theft, or persistent backdoor installation.

🟠

Likely Case

Application crashes, denial of service, or limited information disclosure due to memory corruption.

🟢

If Mitigated

No impact if patched; limited impact if exploit attempts are blocked by security controls.

🌐 Internet-Facing: HIGH - Mobile devices frequently connect to untrusted networks and download apps from various sources.
🏢 Internal Only: MEDIUM - Internal network attacks possible but less likely than internet-based vectors.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Requires specific conditions to trigger the integer overflow and subsequent buffer overflow.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android security patch level 2018-04-05 or later

Vendor Advisory: https://source.android.com/security/bulletin/2018-04-01

Restart Required: Yes

Instructions:

1. Check the device's security patch level under Settings > About phone > Android security patch level (the exact menu path varies by manufacturer and Android version).
2. If the level is earlier than 2018-04-05, install the latest update via Settings > System > System update (or the manufacturer's equivalent menu). The fix ships in the OEM's firmware update, so a device the manufacturer no longer supports will not receive it.
3. Restart the device after the update installs.

🔧 Temporary Workarounds

Network segmentation and monitoring (scope: all)

Isolate vulnerable devices from critical networks and monitor them for suspicious activity.

Application whitelisting (scope: android)

Restrict installation to trusted applications from official app stores only. Neither workaround removes the flaw; they reduce the chance that attacker-controlled input reaches it and limit what a compromised device can reach.

🧯 If You Can't Patch

  • Isolate affected devices on separate network segments with strict firewall rules
  • Implement mobile device management (MDM) with application control and monitoring

🔍 How to Verify

Check if Vulnerable:

Check the Android security patch level under Settings > About phone > Android security patch level. If the date is before 2018-04-05 and the device uses one of the listed Snapdragon chipsets, the device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level shows 2018-04-05 or later after applying updates.
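The manual check above, scripted for one or many attached devices. This is an added example, not code from the advisory: it reads the patch level with adb, compares it against 2018-04-05 (ISO dates reduce to YYYYMMDD integers, so no date library is needed), and prints the SoC codename from ro.board.platform so the operator can match it against the affected chipset list by hand. It assumes adb is on PATH, the device is authorized for USB debugging, and the script is saved as check_cve_2016_10475.sh (a name chosen here).

```shell
#!/bin/sh
# Added example, not part of the advisory: check an Android device's
# security patch level against the level that carries the Qualcomm
# component fixes from the April 2018 bulletin.
# Assumes: adb on PATH, device authorized for USB debugging.

FIX_LEVEL="2018-04-05"

# Reduce YYYY-MM-DD to YYYYMMDD so POSIX test(1) can compare numerically.
level_to_int() {
    printf '%s' "$1" | tr -d '-'
}

# patch_level_vulnerable LEVEL -> exit 0 if LEVEL predates the fix level
# (or is missing/malformed, which is treated as unpatched), 1 otherwise.
patch_level_vulnerable() {
    level="$1"
    case "$level" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) return 0 ;;
    esac
    [ "$(level_to_int "$level")" -lt "$(level_to_int "$FIX_LEVEL")" ]
}

# device_prop NAME [SERIAL]: read a system property over adb, stripping
# the CR that older adb builds append to shell output.
device_prop() {
    if [ -n "$2" ]; then
        adb -s "$2" shell getprop "$1" | tr -d '\r'
    else
        adb shell getprop "$1" | tr -d '\r'
    fi
}

# check_device [SERIAL]: print a one-line verdict for one attached device.
check_device() {
    serial="$1"
    level="$(device_prop ro.build.version.security_patch "$serial")"
    platform="$(device_prop ro.board.platform "$serial")"
    model="$(device_prop ro.product.model "$serial")"
    if patch_level_vulnerable "$level"; then
        verdict="VULNERABLE (patch level before $FIX_LEVEL)"
    else
        verdict="patched"
    fi
    # ro.board.platform is the SoC codename (e.g. msm8996); match it
    # against the affected Snapdragon list by hand, since the codename
    # to marketing-name mapping is not given on this page.
    printf '%s\t%s\tplatform=%s\tpatch=%s\t%s\n' \
        "${serial:-default}" "$model" "$platform" "${level:-unknown}" "$verdict"
}

# Usage: sh check_cve_2016_10475.sh --check [SERIAL]
# Without --check the script only defines the functions above.
if [ "${1:-}" = "--check" ]; then
    check_device "${2:-}"
fi
```

To sweep a fleet, loop over `adb devices -l` and call `check_device` with each serial; an empty or malformed patch level is reported as vulnerable on purpose, because a device that does not expose the property cannot be assumed patched.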

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • Application crashes related to memory corruption
  • SELinux denials for unexpected process behavior

Network Indicators:

  • Unusual outbound connections from mobile devices
  • Suspicious network traffic patterns

SIEM Query:

source="android_devices" AND (event_type="crash" OR event_type="kernel_panic") AND process_name CONTAINS "system_server"

This is a generic pseudo-query written against assumed field names; adapt it to your MDM or log schema. Kernel panics and system_server crashes have many benign causes, so treat matches as triage leads rather than evidence of exploitation.

🔗 References
