In Android prior to 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 845, and Snapdragon_High_Med_2016, during module load at TZ Startup, memory statically allocated by modules was not being properly set to zero first. Allowing the module to execute without reset gives it access to information from previous app thus leading to information exposure.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
qualcomm sd_427_firmware - |
||
qualcomm sd_435_firmware - |
||
qualcomm sd_210_firmware - |
||
qualcomm sd_212_firmware - |
||
qualcomm sd_205_firmware - |
||
qualcomm sd_400_firmware - |
||
qualcomm sd_425_firmware - |
||
qualcomm sd_430_firmware - |
||
qualcomm sd_450_firmware - |
||
qualcomm sd_617_firmware - |
||
qualcomm sd_625_firmware - |
||
qualcomm sd_650_firmware - |
||
qualcomm sd_652_firmware - |
||
qualcomm sd_800_firmware - |
||
qualcomm sd_845_firmware - |
Vulmon