PT-2018-6706 · Qualcomm+1 · Snapdragon Mobile+2
Published
2018-10-23
·
Updated
2018-12-13
·
CVE-2017-18172
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Snapdragon Automobile versions MDM9635M, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDM630, SDM636, SDM660, Snapdragon High Med 2016
Snapdragon Mobile versions MDM9635M, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDM630, SDM636, SDM660, Snapdragon High Med 2016
Description:
The issue is related to an Integer Overflow or Wraparound in System UI, which occurs when checking contiguous buffer with certain buffer sizes on devices with a screen size of 1440x2560.
Recommendations:
For Snapdragon Automobile and Snapdragon Mobile versions MDM9635M, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDM630, SDM636, SDM660, Snapdragon High Med 2016, at the moment, there is no information about a newer version that contains a fix for this issue.
Fix
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Snapdragon Automobile
Snapdragon Mobile
Systemui