First published: Mon Apr 02 2018(Updated: )
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 450, and SD 850, buffer overread vulnerability may occur while provisioning a content with a large message.
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | ||
Qualcomm Mdm9206 Firmware | ||
Qualcomm Mdm9206 | ||
Qualcomm Mdm9607 Firmware | ||
Qualcomm Mdm9607 | ||
Qualcomm Mdm9650 Firmware | ||
Qualcomm Mdm9650 | ||
Qualcomm Msm8909w Firmware | ||
Qualcomm Msm8909w | ||
Qualcomm Sd 210 Firmware | ||
Qualcomm Sd 210 | ||
Qualcomm Sd 212 Firmware | ||
Qualcomm Sd 212 | ||
Qualcomm Sd 205 Firmware | ||
Qualcomm Sd 205 | ||
Qualcomm Sd 400 Firmware | ||
Qualcomm Sd 400 | ||
Qualcomm Sd 410 Firmware | ||
Qualcomm Sd 410 | ||
Qualcomm Sd 412 Firmware | ||
Qualcomm Sd 412 | ||
Qualcomm Sd 425 Firmware | ||
Qualcomm Sd 425 | ||
Qualcomm Sd 430 Firmware | ||
Qualcomm Sd 430 | ||
Qualcomm Sd 820a Firmware | ||
Qualcomm Sd 820a | ||
Qualcomm Sd 615 Firmware | ||
Qualcomm Sd 615 | ||
Qualcomm Sd 616 Firmware | ||
Qualcomm Sd 616 | ||
Qualcomm Sd 415 Firmware | ||
Qualcomm Sd 415 | ||
Qualcomm Sd 617 Firmware | ||
Qualcomm Sd 617 | ||
Qualcomm Sd 625 Firmware | ||
Qualcomm Sd 625 | ||
Qualcomm Sd 650 Firmware | ||
Qualcomm Sd 650 | ||
Qualcomm Sd 652 Firmware | ||
Qualcomm Sd 652 | ||
Qualcomm Sd 800 Firmware | ||
Qualcomm Sd 800 | ||
Google Android | ||
Qualcomm Sd 808 | ||
Google Android | ||
Qualcomm Sd 810 | ||
Qualcomm Sd 820 Firmware | ||
Qualcomm Sd 820 | ||
Qualcomm Sd 835 Firmware | ||
Qualcomm Sd 835 | ||
Qualcomm Sd 845 Firmware | ||
Qualcomm Sd 845 | ||
Qualcomm Sd 850 Firmware | ||
Qualcomm Sd 850 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2014-9993 is a vulnerability in Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810.
CVE-2014-9993 has a severity rating of 9.8 out of 10 (Critical).
CVE-2014-9993 affects Google Android, Qualcomm Mdm9206 Firmware, Qualcomm Mdm9650 Firmware, Qualcomm Sd 210 Firmware, Qualcomm Sd 212 Firmware, Qualcomm Sd 205 Firmware, Qualcomm Sd 400 Firmware, Qualcomm Sd 410 Firmware, Qualcomm Sd 412 Firmware, Qualcomm Sd 425 Firmware, Qualcomm Sd 430 Firmware, Qualcomm Sd 820a Firmware, Qualcomm Sd 615 Firmware, Qualcomm Sd 616 Firmware, Qualcomm Sd 415 Firmware, Qualcomm Sd 617 Firmware, Qualcomm Sd 625 Firmware, Qualcomm Sd 650 Firmware, Qualcomm Sd 652 Firmware, Qualcomm Sd 800 Firmware, Qualcomm Sd 808 Firmware, Qualcomm Sd 810 Firmware, Qualcomm Sd 820 Firmware, Qualcomm Sd 835 Firmware, Qualcomm Sd 845 Firmware, Qualcomm Sd 850 Firmware.
To fix CVE-2014-9993, users should apply the latest security patch provided by Android and Qualcomm for their respective devices.
More information about CVE-2014-9993 can be found at the following references: [SecurityFocus](http://www.securityfocus.com/bid/103671), [Android Security Bulletin - April 2018](https://source.android.com/security/bulletin/2018-04-01), [Android Security Bulletin - April 2018 (Details)](https://source.android.com/docs/security/bulletin/2018-04-01/#asterisk).