First published: Mon Apr 02 2018(Updated: )
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 400, SD 800, SD 820, and SD 820A, lack of input validation in QSEE can cause potential buffer overflow.
Credit: product-security@qualcomm.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | ||
Qualcomm Mdm9625 Firmware | ||
Google Android | ||
Qualcomm Sd 400 Firmware | ||
Qualcomm Sd 400 | ||
Qualcomm Sd 800 Firmware | ||
Qualcomm Sd 800 | ||
Qualcomm Sd 820a Firmware | ||
Qualcomm Sd 820a | ||
Qualcomm Sd 820 Firmware | ||
Qualcomm Sd 820 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2015-9112 is a vulnerability in Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 400, SD 800, SD 820, and SD 820A. It is a buffer overflow vulnerability caused by the lack of input validation in QSEE.
The severity of CVE-2015-9112 is critical, with a severity value of 9.8.
CVE-2015-9112 affects Google Android, Qualcomm Mdm9625 Firmware, Qualcomm Sd 400 Firmware, Qualcomm Sd 800 Firmware, and Qualcomm Sd 820a Firmware.
To fix CVE-2015-9112, it is recommended to update to the latest Android security patch level and firmware version provided by Google and Qualcomm.
More information about CVE-2015-9112 can be found at the following references: [1](http://www.securityfocus.com/bid/103671), [2](https://source.android.com/security/bulletin/2018-04-01), [3](https://source.android.com/docs/security/bulletin/2018-04-01/#asterisk).