In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, SD 400, and SD 800, while computing the length of memory allocated for a Diag event, if the buffer length is very small or greater than the maximum, an integer overflow may occur, which later results in a buffer overflow.
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/2018-04-01 | Vendor Advisory |
http://www.securityfocus.com/bid/103671 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Information
Published : 2018-04-18 07:29
Updated : 2018-05-09 09:44
NVD link : CVE-2015-9150
Mitre link : CVE-2015-9150
JSON object : View
CWE
Products Affected
qualcomm
- sd_400_firmware
- sd_400
- mdm9635m
- mdm9625
- mdm9625_firmware
- sd_800
- sd_800_firmware
- mdm9635m_firmware