CVE-2015-9175

Name of the Vulnerable Software and Affected Versions Android versions prior to 2018-04-05 security patch level

Description The issue is related to a lack of input validation that could lead to an untrusted pointer dereference in the wv dash core generic verify() function. This affects Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear devices with specific chipsets, including MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850.

Recommendations Update to a version with a security patch level of 2018-04-05 or later to resolve the issue. As a temporary workaround, consider restricting access to the wv dash core generic verify() function until a patch is available.