Memory Management Vulnerability in Qualcomm Snapdragon Products
CVE-2014-10052
Summary
This vulnerability affects multiple Qualcomm Snapdragon products due to the failure to clear reserved memory within the TrustZone (TZ) subsystem after usage. The issue exists in various mobile and wearable devices, leaving sensitive data potentially accessible to unauthorized entities. Devices including Snapdragon Mobile, Snapdragon Wear, and several SoCs risk exposure due to this memory management flaw, creating avenues for attackers to exploit residual data. Proper updates and security patches are crucial to mitigate these risks and ensure device integrity.
Affected Version(s)
Snapdragon Mobile, Snapdragon Wear, Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SD 835, SDX20
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved