First published: Mon Apr 02 2018(Updated: )
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, lack of validation of input could cause a integer overflow that could subsequently lead to a buffer overflow.
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | ||
Qualcomm Sd 400 Firmware | ||
Qualcomm Sd 400 | ||
Qualcomm Sd 800 Firmware | ||
Qualcomm Sd 800 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2014-9994 is a vulnerability in Android that could lead to a buffer overflow.
The severity of CVE-2014-9994 is critical with a CVSS score of 9.8.
Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800 are affected by CVE-2014-9994.
CVE-2014-9994 can be exploited by exploiting a lack of input validation, leading to an integer overflow that subsequently leads to a buffer overflow.
To fix CVE-2014-9994, update your Android device to the latest security patch level or install the necessary firmware update provided by Qualcomm.