Memory Management Vulnerability in Qualcomm Snapdragon Products
CVE-2014-10052

9.8CRITICAL

Key Information:

Vendor

Qualcomm
Status
Snapdragon Mobile, Snapdragon Wear, Small Cell Soc
Vendor
CVE Published:
18 April 2018

What is CVE-2014-10052?

This vulnerability affects multiple Qualcomm Snapdragon products due to the failure to clear reserved memory within the TrustZone (TZ) subsystem after usage. The issue exists in various mobile and wearable devices, leaving sensitive data potentially accessible to unauthorized entities. Devices including Snapdragon Mobile, Snapdragon Wear, and several SoCs risk exposure due to this memory management flaw, creating avenues for attackers to exploit residual data. Proper updates and security patches are crucial to mitigate these risks and ensure device integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Snapdragon Mobile, Snapdragon Wear, Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SD 835, SDX20

References

https://source.android.com/security/bulletin/2018-04-01
x_refsource_CONFIRM
http://www.securityfocus.com/bid/103671
vdb-entryx_refsource_BID

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.