CVE-2015-9044

Name of the Vulnerable Software and Affected Versions Android (affected versions not specified) Qualcomm products with Android releases from CAF using the Linux kernel (affected versions not specified)

Description The issue is related to insufficient checking of the size of a frequency list in the LTE component of the Android operating system from the CAF repository. This can be exploited by a remote attacker to impact the confidentiality, integrity, and availability of protected information. The vulnerability exists due to an improper bound on the size of a frequency list, which can lead to an assertion being reached.

Recommendations For Android, update to a version that includes the fix for this issue, if available. For Qualcomm products with Android releases from CAF using the Linux kernel, apply the necessary configuration changes or patches to fix the improper bound on the size of a frequency list, if available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.