RSA Encryption Buffer Overflow Vulnerability in Qualcomm Snapdragon Products
CVE-2015-9138
Summary
The vulnerability allows for a potential buffer overflow in RSA encryption operations on multiple Qualcomm Snapdragon platforms. The issue arises when the function ce_util_to_unsigned_bin improperly handles address size instead of character buffer size, potentially leading to memory corruption. This undesired behavior could be exploited to perform malicious actions on affected devices.
Affected Version(s)
Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDX20
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved