CVE-2014-9971

Published: Aug 18, 2017Modified: May 13, 2026

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts causes an instruction inside of an assert to not be executed resulting in incorrect control flow.

Affected (1)

Products: Google: Android

Google

1 product

Android

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Android	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (6)

http://www.securityfocus.com/bid/103671

Source: product-security@qualcomm.com

https://source.android.com/security/bulletin/2017-07-01

Source: product-security@qualcomm.com

Vendor Advisory

https://source.android.com/security/bulletin/2018-04-01

Source: product-security@qualcomm.com

http://www.securityfocus.com/bid/103671

Source: af854a3a-2127-422b-91ae-364da2661108

https://source.android.com/security/bulletin/2017-07-01

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://source.android.com/security/bulletin/2018-04-01

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.