CVE-2017-11076

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions.

Description The issue occurs on certain hardware revisions where VP9 decoding is hardware-accelerated. In these cases, the frame size is not correctly programmed into the decoder hardware, leading to an invalid memory access by the decoder. No information is provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-823CWE-119

Related Identifiers

CVE-2017-11076

Affected Products

Snapdragon

Msm8909W Firmware

Msm8996Au Firmware

Sd205 Firmware

Sd210 Firmware

Sd 212 Firmware

Sd 415 Firmware

Sd 425 Firmware

Sd 427 Firmware

Sd 430 Firmware

Sd 435 Firmware

Sd450 Firmware

Sd 615 Firmware

Sd 616 Firmware

Sd625 Firmware

Sd 810 Firmware

Sd820 Firmware

Sd835 Firmware

Sd845 Firmware

Sdm429W Firmware

Sdm439 Firmware

Sdm630 Firmware

Sd632 Firmware

Sd 636 Firmware

Sd660 Firmware

Sd710 Firmware

Snapdragon High Med 2016 Firmware

CVE-2017-11076

Weakness Enumeration

Related Identifiers

Affected Products

References · 3