PT-2018-4655 · Qualcomm+1 · Sd 808+38
Published
2018-04-18
·
Updated
2018-04-24
·
CVE-2016-10414
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Android versions prior to 2018-04-05
Description
The issue occurs when a hash is passed with zero data length, causing the code to return an error, despite zero data length being valid. This affects various Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear products, including FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20.
Recommendations
For Android versions prior to 2018-04-05, update to a version with a security patch level of 2018-04-05 or later to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android
Fsm9055
Ipq4019
Mdm9206
Mdm9607
Mdm9625
Mdm9635M
Mdm9640
Mdm9645
Mdm9650
Mdm9655
Msm8909W
Sd 205
Sd 210
Sd 212
Sd 400
Sd 410
Sd 415
Sd 425
Sd 430
Sd 450
Sd 615
Sd 616
Sd 617
Sd 625
Sd 650
Sd 652
Sd 800
Sd 808
Sd 810
Sd 820
Sd 820A
Sd 835
Sd 845
Sd 850
Sdx20
Snapdragon Automobile
Snapdragon Mobile
Snapdragon Wear