PT-2017-2737 · Qualcomm+2 · Qualcomm Products+2

Published

2017-05-30

Updated

2017-08-23

CVE-2015-9072

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Qualcomm products with Android releases from CAF using the Linux kernel (affected versions not specified)

Description The issue is related to an untrusted pointer dereference that can occur in a TrustZone syscall in the Android operating system. This can potentially allow a remote attacker to compromise the confidentiality, integrity, and availability of protected information.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

BDU:2017-01976

CVE-2015-9072

Affected Products

Android

Linux Kernel

Qualcomm Products

PT-2017-2737 · Qualcomm+2 · Qualcomm Products+2

CVE-2015-9072

Weakness Enumeration

Related Identifiers

Affected Products

References · 4