CVE-2017-18320

Name of the Vulnerable Software and Affected Versions Qualcomm Snapdragon versions MSM8996AU, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon High Med 2016, SXR1130.

Description A data abort occurs when attempting to unload a 3rd party Trusted Execution Environment (TEE) without previously loading it on Qualcomm Snapdragon automobile and mobile versions.

Recommendations For versions MSM8996AU, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon High Med 2016, SXR1130, ensure that the 3rd party TEE is loaded before attempting to unload it to prevent a data abort. At the moment, there is no information about a newer version that contains a fix for this issue.