PT-2019-8266 · Google+1 · Android+1

Published

2019-05-06

Updated

2019-05-07

CVE-2017-18173

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Snapdragon Mobile in SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, Snapdragon High Med 2016

Description The issue occurs when an invalid Android verified boot signature with a very large length is used, resulting in an integer underflow.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

CVE-2017-18173

Affected Products

Android

Snapdragon Mobile

PT-2019-8266 · Google+1 · Android+1

CVE-2017-18173

Weakness Enumeration

Related Identifiers

Affected Products

References · 2