CVE-2017-15832

nvd nist

Published: Nov 26, 2024Modified: Jan 9, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Buffer overwrite in the WLAN host driver by leveraging a compromised WLAN FW

Affected (5)

Products: Qualcomm: Mdm9206 Firmware, Mdm9607 Firmware, Sd 835 Firmware, Sd 845 Firmware, Sd 850 Firmware

5 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9206 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9206	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Mdm9607 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Mdm9607	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 835 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 835	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 845 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 845	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Qualcomm Sd 850 Firmware	All versions

Running on/with	Platform Versions
Qualcomm Sd 850	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (1)

https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html

Source: product-security@qualcomm.com

Vendor Advisory

Timeline

No history available yet.