PT-2018-4482 · Qualcomm+1 · Qualcomm Snapdragon Mobile Mdm9650+11
Publicado
2018-04-18
·
Atualizado
2018-05-09
·
CVE-2015-9146
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Android versions prior to 2018-04-05 security patch level
Description
The issue arises when QDI read, write, or ioctl are called, and the passed-in pointer is not properly validated before accessing it for the delayed response. This occurs on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, SD 400, SD 800, SD 835, SD 845, SD 850, and SDX20.
Recommendations
For Android versions prior to 2018-04-05 security patch level, update to a version with a security patch level of 2018-04-05 or later to resolve the issue.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Android
Qualcomm Snapdragon Mobile Mdm9625
Qualcomm Snapdragon Mobile Mdm9635M
Qualcomm Snapdragon Mobile Mdm9645
Qualcomm Snapdragon Mobile Mdm9650
Qualcomm Snapdragon Mobile Mdm9655
Sd 400
Sd 800
Sd 835
Sd 845
Sd 850
Sdx20