Vulnerability
CVE-2017-18124
Component: TRUST
Location: FIRMWARE
During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20
Impact
Severity (Manufact.)
N/A
Severity (NIST)
7.8
Severity (Android)
N/A
Chipsets
26
Devices
1211
Affected Hardware
| Name | Also known as | Manufacturer |
|---|---|---|
| MSM8909 | Snapdragon 210 | Qualcomm |
| MSM8909AA | Snapdragon 212 | Qualcomm |
| MSM8916 | Snapdragon 410 | Qualcomm |
| MSM8929 | Snapdragon 415 | Qualcomm |
| MSM8917 | Snapdragon 425 | Qualcomm |
| MSM8937 | Snapdragon 430 | Qualcomm |
| SDM450 | Snapdragon 450 | Qualcomm |
| MSM8939 | Snapdragon 615 | Qualcomm |
| MSM8952 | Snapdragon 617 | Qualcomm |
| MSM8953 | Snapdragon 625 | Qualcomm |
26 of 26 row(s) shown.
Rows per page
Page 1 of 3
Information reliability
The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.
Timeline
Introduced (est):
Apr 1, 2013
Reported:
Unknown
Advisory Published:
Oct 1, 2018
CVE Published:
Oct 26, 2018
Android Patch Level:
None
