VYPR
← All advisories
Unrated severityNVD Advisory· Published Apr 18, 2018· Updated Sep 16, 2024

CVE-2016-10447

CVE-2016-10447

Description

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, and SDX20, secure UI crash due to uninitialized link list entry in dynamic font module.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Uninitialized linked list entry in Qualcomm dynamic font module causes secure UI crash on multiple Snapdragon platforms.

Vulnerability

An uninitialized linked list entry in the dynamic font module of Qualcomm's secure UI implementation leads to a crash. This vulnerability affects Android devices running a security patch level earlier than 2018-04-05 on the following Qualcomm Snapdragon Mobile and Snapdragon Wear platforms: MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, and SDX20 [1].

Exploitation

An attacker with local access to the device can trigger the uninitialized list entry by interacting with the dynamic font module, causing the secure UI to crash. No authentication is required beyond normal user access [1].

Impact

Successful exploitation results in a denial of service (crash) of the secure UI, which may temporarily disrupt the user interface or security-sensitive operations. No privilege escalation or data compromise is indicated [1].

Mitigation

The issue is resolved in the Android security patch level dated 2018-04-05 or later. Users should ensure their devices have received this update from their OEM. No workaround is available [1].

References
  1. Android Security Bulletin—April 2018

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

3
  • Qualcomm/Snapdragon Mobilellm-fuzzy
    Range: <2018-04-05
  • Qualcomm/Snapdragon Wearllm-fuzzy
    Range: <2018-04-05
  • Qualcomm, Inc./Snapdragon Mobile, Snapdragon Wearv5
    Range: MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SDX20

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

News mentions

0

No linked articles in our index yet.