CVE-2016-10428
18.04.2018, 14:29
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, HMAC verification in counter file uses an insecure memcmp which may assist a timing attack.Enginsight
| Vendor | Product | Version |
|---|---|---|
| qualcomm | sd_425_firmware | - |
| qualcomm | sd_430_firmware | - |
| qualcomm | sd_450_firmware | - |
| qualcomm | sd_625_firmware | - |
| qualcomm | sd_650_firmware | - |
| qualcomm | sd_652_firmware | - |
| qualcomm | sd_820_firmware | - |
| qualcomm | sd_820a_firmware | - |
𝑥
= Vulnerable software versions
Common Weakness Enumeration