10

CVE-2015-9118

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, in ADSP's QDI Root-PD driver, untrusted arguments from User PD may cause integer overflow resulting in buffer overflow.

Data is provided by the National Vulnerability Database (NVD)
QualcommMdm9615 Firmware Version-
   QualcommMdm9615 Version-
QualcommMdm9625 Firmware Version-
   QualcommMdm9625 Version-
QualcommMdm9635m Firmware Version-
   QualcommMdm9635m Version-
QualcommSd 400 Firmware Version-
   QualcommSd 400 Version-
QualcommSd 410 Firmware Version-
   QualcommSd 410 Version-
QualcommSd 412 Firmware Version-
   QualcommSd 412 Version-
QualcommSd 615 Firmware Version-
   QualcommSd 615 Version-
QualcommSd 616 Firmware Version-
   QualcommSd 616 Version-
QualcommSd 415 Firmware Version-
   QualcommSd 415 Version-
QualcommSd 800 Firmware Version-
   QualcommSd 800 Version-
QualcommSd 808 Firmware Version-
   QualcommSd 808 Version-
QualcommSd 810 Firmware Version-
   QualcommSd 810 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.38% 0.564
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://www.securityfocus.com/bid/103671
Third Party Advisory
VDB Entry