First published: Mon Apr 02 2018(Updated: )
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, in drmprov_cmd_verify_key(), the variable feature_name_length is not validated. There is a check for feature_name_len + filePathLen but there might be an integer wrap when checking feature_name_len + filePathLen. This leads to a buffer overflow.
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | ||
Qualcomm Sd 400 Firmware | ||
Qualcomm Sd 400 | ||
Qualcomm Sd 800 Firmware | ||
Qualcomm Sd 800 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2014-9995 is critical.
The affected software for CVE-2014-9995 includes Google Android, Qualcomm Sd 400 Firmware, and Qualcomm Sd 800 Firmware.
To fix CVE-2014-9995, apply the security patch level released on or after April 5, 2018.
No, Qualcomm Sd 400 and Qualcomm Sd 800 are not vulnerable to CVE-2014-9995.
You can find more information about CVE-2014-9995 at the following sources: [SecurityFocus](http://www.securityfocus.com/bid/103671), [Android Security Bulletin](https://source.android.com/security/bulletin/2018-04-01), and [Android Security Bulletin (April 1, 2018)](https://source.android.com/docs/security/bulletin/2018-04-01/#asterisk).