In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, lack of address argument validation in qsee_get_tz_app_name() may lead to an untrusted pointer dereference.

Related CVEs

CVE-2016-10489

Key Information

GHSA ID

GHSA-vjmq-62r4-4r8m

Published

May 14, 2022 3:29 AM

Last Modified

May 14, 2022 3:29 AM

CVSS Score

9.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: September 3, 2025 6:33 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.