CVE-2017-14910

Published: Feb 23, 2018Modified: Nov 21, 2024

9.8

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

In Snapdragon Automobile, Snapdragon IoT and Snapdragon Mobile MDM9206 MDM9607, MDM9650, S820A, S820Am, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 835, and SD 845, a buffer overread is possible if there are no newlines in an input file.

Affected (21)

Products: Qualcomm: Mdm9206 Firmware, Mdm9607 Firmware, Mdm9650 Firmware, S820a Firmware, S820am Firmware, Sd 210 Firmware, Sd 212 Firmware, Sd 410 Firmware, Sd 425 Firmware, Sd 430 Firmware, Sd 615 Firmware, Sd 415 Firmware, Sd 617 Firmware, Sd 625 Firmware, Sd 650 Firmware, Sd 820 Firmware, Sd 835 Firmware, Sd 845 Firmware, Sd 412 Firmware, Sd 616 Firmware, Sd 652 Firmware

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9206 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9206	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9607 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9607	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9650 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9650	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm S820a Firmware	All versions

Running on/with	Platform Versions
Qualcomm S820a	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm S820am Firmware	All versions

Running on/with	Platform Versions
Qualcomm S820am	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 210 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 210	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 212 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 212	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 410 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 410	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 425 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 425	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 430 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 430	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 615 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 615	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 415 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 415	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 617 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 617	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 625 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 625	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 650 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 650	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 820 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 820	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 835 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 835	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 845 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 845	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 412 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 412	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 616 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 616	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 652 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 652	All versions

Related CWEs

CWE-125

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

References (2)

https://source.android.com/security/bulletin/2018-02-01

Source: product-security@qualcomm.com

Third Party Advisory

https://source.android.com/security/bulletin/2018-02-01

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.