In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 820, and SD 820A, function ce_pkcs1_pss_padding_verify_auto_recover_saltlen assumes that the size of the encoded message is equal to the size of the RSA modulus. This assumption is true for most RSA keys, but it fails when modulus_bitlen % 8 == 1.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: qualcomm
Published: 2018-04-18T14:00:00Z
Updated: 2024-09-17T01:41:05.228Z
Reserved: 2017-08-16T00:00:00
Link: CVE-2016-10467
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-04-18T14:29:12.717
Modified: 2018-05-01T16:54:21.127
Link: CVE-2016-10467
Redhat
No data.