CVE-2016-10429
Description
In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SDX20, three image types are loaded in the same manner without distinguishing them.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Qualcomm bootloader mishandles image type differentiation, enabling arbitrary code execution from unsigned images.
Vulnerability
In Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear platforms listed in the CVE description (including FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SDX20), three image types are loaded in the same manner without distinguishing them [1]. This flaw exists in the bootloader code prior to the April 2018 Android security patch level. The bootloader fails to enforce type checks during image loading, allowing an image intended for one purpose to be loaded in a context reserved for another.
Exploitation
The attacker requires the ability to write to the device's boot partition (i.e., physical access or already compromised system privileges) and the ability to substitute or modify the boot image file. By crafting a malicious image that is loaded without proper type validation, the bootloader treats it as a valid boot image, bypassing integrity checks applicable to other image types [1]. No user interaction is needed beyond the initial boot process; the exploitation occurs at boot time.
Impact
Successful exploitation allows the attacker to execute arbitrary code at the bootloader level, before the kernel and Android userspace are loaded. This results in a full compromise of device integrity and confidentiality, as the attacker can install persistent malware, disable security features, or extract sensitive data. The impact is not limited to the kernel; the bootloader operates with hardware-level privileges, making remediation difficult without replacing the bootloader or firmware.
Mitigation
The fix is included in the Android security patch level of April 2018 or later [1]. Users should ensure their devices receive the monthly Android security updates from their OEM. For affected Qualcomm platforms, updating to the patched bootloader version is the only mitigation; no workaround is available for unpatched devices. The platform is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog as of this writing.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Qualcomm, Inc./Small Cell SoC , Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wearv5Range: FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SDX20
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.securityfocus.com/bid/103671mitrevdb-entryx_refsource_BID
- source.android.com/security/bulletin/2018-04-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.