High severity7.0NVD Advisory· Published May 12, 2017· Updated May 13, 2026

CVE-2016-10285

Description

An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android ID: A-33752702. References: QC-CR#1104899.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Elevation of privilege in Qualcomm video driver allows arbitrary code execution in kernel if attacker first compromises a privileged process.

Vulnerability

The Qualcomm video driver contains an elevation of privilege vulnerability (CVE-2016-10285) that could enable a local malicious application to execute arbitrary code within the kernel context. This issue affects Android devices with Kernel version 3.18. The vulnerability requires the attacker to first compromise a privileged process to exploit this flaw [1].

Exploitation

Exploitation requires a local malicious application that has already compromised a privileged process. The attacker then leverages the vulnerability in the video driver to gain arbitrary code execution in the kernel. No additional user interaction is needed beyond the initial compromise [1].

Impact

Successful exploitation grants the attacker arbitrary code execution in the kernel context, resulting in complete compromise of the device's security. This allows the attacker to perform any action with kernel privileges [1].

Mitigation

The issue was addressed in the Android Security Bulletin for May 2017. Users should apply the update to the affected kernel component. No workarounds are available [1].

References

Android Security Bulletin—May 2017

AI Insight generated on May 22, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

Linux/Kernel
cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*
Nvidia/Video Driverllm-fuzzy
Range: Kernel-3.18
Android/Android Sdkllm-fuzzy
Range: Kernel-3.18
Google/Androidv5
Range: Kernel-3.18

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

source.android.com/security/bulletin/2017-05-01nvdPatchVendor Advisory
www.securityfocus.com/bid/98163nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000