PT-2018-6811 · Qualcomm · Snapdragon Wear+1
Published
2018-10-23
·
Updated
2019-10-03
·
CVE-2017-18293
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Qualcomm Snapdragon Mobile versions MDM9206, MDM9607, MDM9650, SD 210, SD 212, SD 205, SD 425, SD 430, SD 450, SD 625, SD 650, SD 652, SD 835, SDA660
Qualcomm Snapdragon Wear versions MDM9206, MDM9607, MDM9650, SD 210, SD 212, SD 205, SD 425, SD 430, SD 450, SD 625, SD 650, SD 652, SD 835, SDA660
Description:
The issue allows bypassing protection of a particular GPIO by using the corresponding banked GPIO registers instead of the blocked GPIO resource registers.
Recommendations:
For Qualcomm Snapdragon Mobile versions MDM9206, MDM9607, MDM9650, SD 210, SD 212, SD 205, SD 425, SD 430, SD 450, SD 625, SD 650, SD 652, SD 835, SDA660, consider restricting access to the banked GPIO registers as a temporary workaround.
For Qualcomm Snapdragon Wear versions MDM9206, MDM9607, MDM9650, SD 210, SD 212, SD 205, SD 425, SD 430, SD 450, SD 625, SD 650, SD 652, SD 835, SDA660, consider restricting access to the banked GPIO registers as a temporary workaround.
At the moment, there is no information about a newer version that contains a fix for this issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Snapdragon Mobile
Snapdragon Wear