PT-2018-4470 · Qualcomm+1 · Qualcomm Snapdragon Mobile Sd 810+6
Published
2018-04-18
·
Updated
2018-05-09
·
CVE-2015-9134
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Android versions prior to 2018-04-05 security patch level
Description
The issue occurs while processing QSEE Syscall 'qsee macc gen ecc privkey' in Android, resulting in an untrusted pointer dereference. This could lead to arbitrary write. The affected devices are those using Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, and SD 810.
Recommendations
For Android versions prior to 2018-04-05 security patch level, update to a version with a security patch level of 2018-04-05 or later to resolve the issue.
Fix
NULL Pointer Dereference
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android
Qualcomm Snapdragon Mobile Sd 12
Qualcomm Snapdragon Mobile Sd 16
Qualcomm Snapdragon Mobile Sd 410
Qualcomm Snapdragon Mobile Sd 415
Qualcomm Snapdragon Mobile Sd 615
Qualcomm Snapdragon Mobile Sd 810