Login Sign Up

CVE-2016-10477

9.8 CRITICAL
Remote Code Execution Buffer Overflow

📋 TL;DR

A buffer overflow vulnerability in Qualcomm Snapdragon mobile chipsets allows attackers to execute arbitrary code or cause denial of service while processing smart card requests. This affects Android devices with specific Qualcomm chipsets before the April 2018 security patch. The vulnerability is critical with a CVSS score of 9.8 due to its potential for remote code execution.

💻 Affected Systems

Products:
  • Android devices with Qualcomm Snapdragon chipsets
Versions: Android versions before April 5, 2018 security patch level
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Specifically affects Qualcomm Snapdragon SD 210/SD 212/SD 205, SD 400, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 820 chipsets

📦 What is this software?

Sd 205 Firmware by Qualcomm

View all CVEs affecting Sd 205 Firmware →

Sd 210 Firmware by Qualcomm

View all CVEs affecting Sd 210 Firmware →

Sd 212 Firmware by Qualcomm

View all CVEs affecting Sd 212 Firmware →

Sd 400 Firmware by Qualcomm

View all CVEs affecting Sd 400 Firmware →

Sd 415 Firmware by Qualcomm

View all CVEs affecting Sd 415 Firmware →

Sd 430 Firmware by Qualcomm

View all CVEs affecting Sd 430 Firmware →

Sd 615 Firmware by Qualcomm

View all CVEs affecting Sd 615 Firmware →

Sd 616 Firmware by Qualcomm

View all CVEs affecting Sd 616 Firmware →

Sd 617 Firmware by Qualcomm

View all CVEs affecting Sd 617 Firmware →

Sd 625 Firmware by Qualcomm

View all CVEs affecting Sd 625 Firmware →

Sd 650 Firmware by Qualcomm

View all CVEs affecting Sd 650 Firmware →

Sd 652 Firmware by Qualcomm

View all CVEs affecting Sd 652 Firmware →

Sd 800 Firmware by Qualcomm

View all CVEs affecting Sd 800 Firmware →

Sd 808 Firmware by Qualcomm

View all CVEs affecting Sd 808 Firmware →

Sd 810 Firmware by Qualcomm

View all CVEs affecting Sd 810 Firmware →

Sd 820 Firmware by Qualcomm

View all CVEs affecting Sd 820 Firmware →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote attacker gains full system control, executes arbitrary code with kernel privileges, and potentially installs persistent malware or exfiltrates sensitive data.

🟠

Likely Case

Local or network-adjacent attacker exploits the vulnerability to crash the device, cause denial of service, or execute limited code with elevated privileges.

🟢

If Mitigated

With proper network segmentation and updated devices, impact is limited to denial of service within isolated network segments.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Buffer overflow in smart card processing requires specific conditions but could be triggered remotely in some configurations

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android security patch level April 5, 2018 or later

Vendor Advisory: https://source.android.com/security/bulletin/2018-04-01

Restart Required: Yes

Instructions:

1. Check current Android security patch level in Settings > About phone > Android security patch level. 2. If before April 2018, apply the April 2018 security update. 3. Restart device after update installation.

🔧 Temporary Workarounds

Disable smart card functionality

android

If smart card features are not required, disable them to reduce attack surface

Network segmentation

all

Isolate affected devices from untrusted networks and limit network access

🧯 If You Can't Patch

  • Replace affected devices with updated hardware or isolate them in a dedicated network segment
  • Implement strict network access controls and monitor for unusual smart card processing activity

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level in Settings > About phone > Android security patch level. If date is before April 5, 2018, device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify Android security patch level shows April 5, 2018 or later after applying update

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • Smart card service crashes
  • Buffer overflow warnings in system logs

Network Indicators:

  • Unusual smart card protocol traffic
  • Unexpected network connections from affected devices

SIEM Query:

source="android_logs" AND ("kernel panic" OR "smartcard" OR "buffer overflow")

📊 Metadata

CVE ID: CVE-2016-10477
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-119
Published: April 18, 2018
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2016-10477, you might also want to check these:

CVE-2024-23613 10.0

A critical buffer overflow vulnerability in Symantec Deployment Solution 7.9 allows remote, unauthen...

Same vulnerability type (CWE-119)
CVE-2024-23615 10.0

A critical buffer overflow vulnerability in Symantec Messaging Gateway allows remote unauthenticated...

Same vulnerability type (CWE-119)
CVE-2026-2776 10.0

This CVE describes a sandbox escape vulnerability in Firefox's Telemetry component due to incorrect ...

Same vulnerability type (CWE-119)