First published: Mon Apr 02 2018(Updated: )
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, use after free vulnerability when the PDN throttle info block is freed without clearing the corresponding active timer.
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Android | ||
Qualcomm MDM9615M Firmware | ||
Qualcomm MDM9615 firmware | ||
Qualcomm MDM9625M | ||
Qualcomm MDM9625 firmware | ||
Qualcomm MDM9635M firmware | ||
Qualcomm MDM9635M firmware | ||
Qualcomm SD210 Firmware | ||
Qualcomm SD 210 Firmware | ||
Qualcomm SD 212 | ||
Qualcomm SD 212 Firmware | ||
Qualcomm 205 Firmware | ||
Qualcomm SD205 Firmware | ||
Qualcomm SD 400 Firmware | ||
Qualcomm Snapdragon 400 | ||
Qualcomm SD410 Firmware | ||
Qualcomm Snapdragon 410 | ||
Qualcomm SD412 Firmware | ||
Qualcomm SD412 | ||
Qualcomm SD615 Firmware | ||
Qualcomm Snapdragon 615 | ||
Qualcomm SD 616 Firmware | ||
Qualcomm Snapdragon 616 | ||
Qualcomm Snapdragon 415 Firmware | ||
Qualcomm Snapdragon 415 | ||
Qualcomm Snapdragon 800 Firmware | ||
Qualcomm Snapdragon 800 | ||
Qualcomm SD 808 Firmware | ||
Qualcomm Snapdragon 808 | ||
Qualcomm Snapdragon 810 Firmware | ||
Qualcomm Snapdragon 810 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2014-10046 is critical with a severity value of 9.8.
Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810 are affected by CVE-2014-10046.
To fix CVE-2014-10046, update your Android device to the security patch level released on or after April 5, 2018.
You can find more information about CVE-2014-10046 at the following references: [1](http://www.securityfocus.com/bid/103671), [2](https://source.android.com/security/bulletin/2018-04-01), [3](https://source.android.com/docs/security/bulletin/2018-04-01/#asterisk).