Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2015-9148

Published: 18/04/2018 Updated: 09/05/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Mdm9625 Firmware

Vulnerability Summary

In Android prior to 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, SD 400, SD 425, SD 430, SD 450, SD 600, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, in the Diag User-PD command registration function, a length variable used during buffer allocation is not checked, so if it is very large, an integer overflow followed by a buffer overflow occurs.

Vulnerable Product Search on Vulmon Subscribe to Product

qualcomm mdm9625_firmware -

qualcomm mdm9635m_firmware -

qualcomm mdm9640_firmware -

qualcomm mdm9645_firmware -

qualcomm mdm9650_firmware -

qualcomm mdm9655_firmware -

qualcomm sd_400_firmware -

qualcomm sd_425_firmware -

qualcomm sd_430_firmware -

qualcomm sd_450_firmware -

qualcomm sd_600_firmware -

qualcomm sd_617_firmware -

qualcomm sd_625_firmware -

qualcomm sd_650_firmware -

qualcomm sd_652_firmware -

qualcomm sd_800_firmware -

qualcomm sd_808_firmware -

qualcomm sd_810_firmware -

qualcomm sd_820_firmware -

qualcomm sd_835_firmware -

qualcomm sd_845_firmware -

qualcomm sdx20_firmware -

qualcomm sd_850_firmware -

qualcomm sd_820a_firmware -

References

CWE-119CWE-190https://source.android.com/security/bulletin/2018-04-01http://www.securityfocus.com/bid/103671https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-3400deserializationCVE-2024-21788CVE-2023-42433CVE-2024-21841CVE-2024-22095local file inclusionmemory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook