In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile IPQ4019, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, SD 810, SD 820, and SD 820A, A non-secure region check is done while registering QSEE buffer address which is passed by HLOS but not while logging in the QSEE buffer, so corruption of dynamically protected secure region can occur if the non-secure buffer is changed between the time it's checked and when it's used.
AI analysis not yet available
Plain-English explanation, risk summary, and remediation steps will appear here once AI analysis is complete.
No Fix Known
No patch has been released yet. Apply workarounds or mitigations where available.
| Vendor | Product | Versions | Fixed In |
|---|---|---|---|
| qualcomm | ipq4019_firmware | - | - |
| qualcomm | mdm9625_firmware | - | - |
| qualcomm | mdm9635m_firmware |
Published
CVE disclosed publicly
Last Modified
Most recent update
Indexed to CVEInsight
Added to this platform
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
20
Affected Products
4
References
qualcomm / ipq4019_firmware
| - |
| - |
| qualcomm | mdm9640_firmware | - | - |
| qualcomm | mdm9650_firmware | - | - |
| qualcomm | mdm9655_firmware | - | - |
| qualcomm | sd_210_firmware | - | - |
| qualcomm | sd_212_firmware | - | - |
| qualcomm | sd_205_firmware | - | - |
| qualcomm | sd_400_firmware | - | - |
| qualcomm | sd_410_firmware | - | - |
| qualcomm | sd_412_firmware | - | - |
| qualcomm | sd_615_firmware | - | - |
| qualcomm | sd_616_firmware | - | - |
| qualcomm | sd_415_firmware | - | - |
| qualcomm | sd_800_firmware | - | - |
| qualcomm | sd_808_firmware | - | - |
| qualcomm | sd_810_firmware | - | - |
| qualcomm | sd_820_firmware | - | - |
| qualcomm | sd_820a_firmware | - | - |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability
Impact