CVE-2016-10482
Description
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, while processing downlink information, an assert can be reached.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An assert reachable during downlink information processing on multiple Qualcomm Snapdragon chipsets leads to denial of service.
Vulnerability
In Android before the 2018-04-05 security patch level on multiple Qualcomm Snapdragon Mobile and Snapdragon Wear chipsets (MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20), an assert can be reached while the baseband processor processes downlink information. The bug resides in the modem firmware and does not require any special configuration beyond a default cellular connection [1].
Exploitation
An attacker with the ability to inject crafted downlink data into the device's cellular communication (e.g., via a rogue base station or malicious network element) can trigger the vulnerable code path. No authentication or user interaction is required; the assert occurs automatically during normal downlink processing [1].
Impact
Successful exploitation results in an assertion failure that causes a denial of service (DoS), such as a modem crash or device reboot. No information disclosure, code execution, or privilege escalation is described in the available reference [1].
Mitigation
Google released a fix as part of the Android Security Bulletin dated April 2018. Devices that receive the 2018-04-05 security patch level (or later) are no longer vulnerable. No workaround is documented; updating to the patched security patch level is the only mitigation [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
4- Range: before 2018-04-05 security patch level
- Range: before 2018-04-05 security patch level
- Range: before 2018-04-05 security patch level
- Qualcomm, Inc./Snapdragon Mobile, Snapdragon Wearv5Range: MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, SDX20
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- www.securityfocus.com/bid/103671mitrevdb-entryx_refsource_BID
- source.android.com/security/bulletin/2018-04-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.