Vulnerability
CVE-2017-18173
Component: TRUST
Location: FIRMWARE
In case of using an invalid android verified boot signature with very large length, an integer underflow occurs in Snapdragon Mobile in SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016.
Impact
Severity (Manufact.)
N/A
Severity (NIST)
7.8
Severity (Android)
N/A
Chipsets
15
Devices
600
Affected Hardware
| Name | Also known as | Manufacturer |
|---|---|---|
| MSM8917 | Snapdragon 425 | Qualcomm |
| MSM8920 | Snapdragon 427 | Qualcomm |
| MSM8937 | Snapdragon 430 | Qualcomm |
| MSM8940 | Snapdragon 435 | Qualcomm |
| SDM450 | Snapdragon 450 | Qualcomm |
| MSM8953 | Snapdragon 625 | Qualcomm |
| SDM630 | Snapdragon 630 | Qualcomm |
| SDM636 | Snapdragon 636 | Qualcomm |
| SDM660 | Snapdragon 660 | Qualcomm |
| MSM8994 | Snapdragon 810 | Qualcomm |
15 of 15 row(s) shown.
Rows per page
Page 1 of 2
Information reliability
The information on this website is intended to provide information on the big picture of chipset security and measure trends within the industry. Our information is obtained from several vantage points, checked for consistency, and automatically cross-referenced. However, this process may not always yield reliable information. Do not use the information on a particular vulnerability, chipset or device to verify your individual exposure in cases where inaccuracies are inacceptable, for instance to assess risks if you are a Politically Exposed Person.
Timeline
Introduced (est):
Jul 1, 2014
Reported:
Unknown
Advisory Published:
Mar 25, 2019
CVE Published:
May 6, 2019
Android Patch Level:
Jul 2018
