CVE-2016-10428
Description
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, HMAC verification in counter file uses an insecure memcmp which may assist a timing attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Insecure memcmp in HMAC verification on Qualcomm Snapdragon chipsets allows timing attacks to bypass counter file integrity checks.
Vulnerability
In Android before the 2018-04-05 security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile chipsets (SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A), the HMAC verification in the counter file uses an insecure memcmp function. This comparison is not constant-time, making it susceptible to timing side-channel attacks that can reveal the HMAC value or allow forgery.
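The difference between an early-exit comparison and a constant-time one, as an added example (not Qualcomm's or Android's code). The function names, the 32-byte tag length and the sample tag are assumptions; the count of bytes examined stands in for the running time that a memcmp-style check makes data-dependent.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TAG_LEN 32  /* assumed tag size; the page does not name the hash */

/* memcmp-style check: returns at the first differing byte, so the work done
 * (reported via *examined) depends on how many leading bytes match. */
static int leaky_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *examined)
{
    for (size_t i = 0; i < n; i++)
        if (a[i] != b[i]) { *examined = i + 1; return 0; }
    *examined = n;
    return 1;
}

/* Constant-time check: every byte is read and folded into diff, and no branch
 * depends on tag contents. volatile discourages an optimized early exit. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n, size_t *examined)
{
    volatile uint8_t diff = 0;
    for (size_t i = 0; i < n; i++)
        diff |= (uint8_t)(a[i] ^ b[i]);
    *examined = n;
    return diff == 0;
}

/* Flips one byte of a constructed tag at position pos and returns how many
 * bytes the chosen comparison examined before rejecting it. */
static size_t work_for_mismatch_at(size_t pos, int use_ct)
{
    uint8_t expected[TAG_LEN], presented[TAG_LEN];
    size_t examined = 0;
    for (size_t i = 0; i < TAG_LEN; i++)
        expected[i] = presented[i] = (uint8_t)(i * 7 + 1);  /* constructed tag */
    presented[pos] ^= 0x80;
    int ok = use_ct ? ct_equal(expected, presented, TAG_LEN, &examined)
                    : leaky_equal(expected, presented, TAG_LEN, &examined);
    return ok ? 0 : examined;  /* 0 would mean the altered tag was accepted */
}

int main(void)
{
    for (size_t pos = 0; pos < TAG_LEN; pos += 8)
        printf("mismatch at %2zu: leaky=%2zu ct=%2zu\n", pos,
               work_for_mismatch_at(pos, 0), work_for_mismatch_at(pos, 1));
    return 0;
}
```

In production code, prefer a vetted primitive such as OpenSSL's `CRYPTO_memcmp` over a hand-written loop.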
Exploitation
An attacker with the ability to measure precise response times (e.g., from a local or adjacent network position) can send crafted inputs to the device and observe timing variations in the HMAC verification. By repeatedly probing, the attacker can deduce the correct HMAC or craft a valid counter file without knowing the secret key.
Impact
Successful exploitation allows the attacker to bypass the integrity check of the counter file, potentially enabling modification of the file. This could lead to further compromise, such as privilege escalation or denial of service, depending on the role of the counter file in the system.
Mitigation
The vulnerability is fixed in the Android security patch level dated 2018-04-05 or later. Users should update their devices to this patch level or newer. No workaround is available for unpatched devices; the fix requires a system update from the device manufacturer [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Qualcomm, Inc./Snapdragon Automobile, Snapdragon Mobile (v5). Range: SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A
Patches
No patches discovered yet.
References
- www.securityfocus.com/bid/103671 (mitre, vdb-entry, x_refsource_BID)
- source.android.com/security/bulletin/2018-04-01 (mitre, x_refsource_CONFIRM)