Vulnerability
CVE-2014-10043
Component: TRUST
Location: OS
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, and SD 800, while reading PlayReady rights string information from command buffer (which is sent from non-secure side), if length of rights string is very large, a buffer over read occurs, exposing TZ App memory to non-secure side.
Impact
Severity (Manufact.)
N/A
Severity (NIST)
7.5
Severity (Android)
N/A
Chipsets
1
Devices
7
Affected Hardware
| Name | Also known as | Manufacturer |
|---|---|---|
| MSM8909w | Wear 2100 Wear 2500 Wear 3100 | Qualcomm |
1 of 1 row(s) shown.
Rows per page
Page 1 of 1
Information reliability
The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.
Timeline
Introduced (est):
Jul 1, 2018
Reported:
Unknown
Advisory Published:
N/A
CVE Published:
Apr 18, 2018
Android Patch Level:
None
