CVE-2015-9189

Name of the Vulnerable Software and Affected Versions Android versions prior to 2018-04-05 security patch level

Description The issue is related to the processing of TZ application commands in the tz app cmd handler function, which could lead to potential content disclosure of secure memory. This affects Android on various Qualcomm Snapdragon Mobile and Snapdragon Wear devices, including IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 808, and SD 810.

Recommendations For Android versions prior to 2018-04-05 security patch level, update to a version with a security patch level of 2018-04-05 or later to resolve the issue. As a temporary workaround, consider restricting access to the tz app cmd handler function until a patch is available.