Vulnerability
CVE-2014-9986
Location: OS
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, in playready_licacq_process_response(), 'cbResponse' value is controlled by HLOS, and there is no validation on this length. If 'cbResponse' is too large, memory overread occurs.
Impact
Severity (Manufact.)
N/A
Severity (NIST)
7.5
Severity (Android)
N/A
Chipsets
1
Devices
7
Affected Hardware
| Name | Also known as | Manufacturer |
|---|---|---|
| MSM8909w | Wear 2100 Wear 2500 Wear 3100 | Qualcomm |
1 of 1 row(s) shown.
Rows per page
Page 1 of 1
Information reliability
The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.
Timeline
Introduced (est):
Jul 1, 2018
Reported:
Unknown
Advisory Published:
N/A
CVE Published:
Apr 18, 2018
Android Patch Level:
None
