Buffer Overflow in AES Encryption in Qualcomm Snapdragon Products
CVE-2017-18330
Key Information:
- Vendor
- Qualcomm
- Vendor
- CVE Published:
- 3 January 2019
Summary
A vulnerability exists in Qualcomm's Snapdragon products due to a buffer overflow in the AES-CCM and AES-GCM encryption processes. This issue arises from improper handling of the initialization vector, affecting a wide range of Snapdragon chipsets. Exploitation of this vulnerability could compromise cryptographic protocols, leading to potential unauthorized data access or other malicious activities in devices relying on these processors.
Affected Version(s)
Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016
References
CVSS V3.1
Timeline
Vulnerability published
Vulnerability Reserved