Buffer Overflow Vulnerability in Qualcomm Snapdragon Products
CVE-2015-9224

9.8CRITICAL

Key Information:

Summary

In various Qualcomm Snapdragon platforms prior to the April 2018 security patch, an input validation vulnerability in the QURTK_write() function may lead to a potential buffer overflow. This flaw could allow attackers to execute arbitrary code, potentially compromising the affected devices.

Affected Version(s)

Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDX20

References

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.