CVE-2017-18293

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Mobile versions MDM9206, MDM9607, MDM9650, SD 210, SD 212, SD 205, SD 425, SD 430, SD 450, SD 625, SD 650, SD 652, SD 835, SDA660 Qualcomm Snapdragon Wear versions MDM9206, MDM9607, MDM9650, SD 210, SD 212, SD 205, SD 425, SD 430, SD 450, SD 625, SD 650, SD 652, SD 835, SDA660

Description: The issue allows bypassing protection of a particular GPIO by using the corresponding banked GPIO registers instead of the blocked GPIO resource registers.

Recommendations: For Qualcomm Snapdragon Mobile versions MDM9206, MDM9607, MDM9650, SD 210, SD 212, SD 205, SD 425, SD 430, SD 450, SD 625, SD 650, SD 652, SD 835, SDA660, consider restricting access to the banked GPIO registers as a temporary workaround. For Qualcomm Snapdragon Wear versions MDM9206, MDM9607, MDM9650, SD 210, SD 212, SD 205, SD 425, SD 430, SD 450, SD 625, SD 650, SD 652, SD 835, SDA660, consider restricting access to the banked GPIO registers as a temporary workaround. At the moment, there is no information about a newer version that contains a fix for this issue.