CyberSec.Space Logo
CVEブラウザに戻る

CVE-2017-14912

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0040%
EPSS Percentile40.32th
Published2018年3月30日
Last Modified2024年11月21日

Vulnerability Description

In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile [VERSION]: MDM9206, MDM9607, MDM9650, MSM8909W, SD 200, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 835, the attributes of buffers in Secure Display were not marked properly.

Affected Platforms (CPE)

💻
Qualcomm

Mdm9206 Firmware

All versions
💻
Qualcomm

Mdm9607 Firmware

All versions
💻
Qualcomm

Mdm9650 Firmware

All versions
💻
Qualcomm

Msm8909w Firmware

All versions
💻
Qualcomm

Sd 210 Firmware

All versions
💻
Qualcomm

Sd 212 Firmware

All versions
💻
Qualcomm

Sd 205 Firmware

All versions
💻
Qualcomm

Sd 400 Firmware

All versions
💻
Qualcomm

Sd 410 Firmware

All versions
💻
Qualcomm

Sd 412 Firmware

All versions
💻
Qualcomm

Sd 425 Firmware

All versions
💻
Qualcomm

Sd 430 Firmware

All versions
💻
Qualcomm

Sd 615 Firmware

All versions
💻
Qualcomm

Sd 616 Firmware

All versions
💻
Qualcomm

Sd 415 Firmware

All versions
💻
Qualcomm

Sd 617 Firmware

All versions
💻
Qualcomm

Sd 625 Firmware

All versions
💻
Qualcomm

Sd 650 Firmware

All versions
💻
Qualcomm

Sd 652 Firmware

All versions
💻
Qualcomm

Sd 835 Firmware

All versions
💻
Qualcomm

Sd 800 Firmware

All versions

References & Advisories

🔗 http://www.securityfocus.com/bid/102386
🔗 http://www.securitytracker.com/id/1040106
🔗 https://source.android.com/security/bulletin/2018-01-01
🔗 http://www.securityfocus.com/bid/102386
🔗 http://www.securitytracker.com/id/1040106
🔗 https://source.android.com/security/bulletin/2018-01-01

関連する脆弱性情報

CVE-2019-23099.8

While storing calibrated data from firmware in cache, An integer overflow may occur since data length received may exceed real dat...

CVE-2019-105429.8

Buffer over-read may occur when downloading a corrupted firmware file that has chunk length in header which doesn`t match the cont...

CVE-2019-22879.8

Improper validation for inputs received from firmware can lead to an out of bound write issue in video driver. in Snapdragon Auto,...

CVE-2019-105729.8

Improper check in video driver while processing data from video firmware can lead to integer overflow and then buffer overflow in ...