CVE-2015-9114: Null Pointer Dereference
First published: Mon Apr 02 2018(Updated: )
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, lack of address argument validation in qsee_query_counter syscall could lead to untrusted pointer dereference.
Credit: product-security@qualcomm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Android | ||
| Qualcomm SDR425 Firmware | ||
| Qualcomm Snapdragon 425 | ||
| Qualcomm SD 430 Firmware | ||
| Qualcomm SD 430 Firmware | ||
| Qualcomm SDM450 Firmware | ||
| Qualcomm SDM450 | ||
| Qualcomm SD 625 Firmware | ||
| Qualcomm Snapdragon 625 | ||
| Qualcomm SD650 Firmware | ||
| Qualcomm Snapdragon 650 | ||
| Qualcomm SD652 Firmware | ||
| Qualcomm SD652 Firmware | ||
| Qualcomm SD820A Firmware | ||
| Qualcomm SD820A Firmware | ||
| Qualcomm SD820 Firmware | ||
| Qualcomm SD820 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-9114?
CVE-2015-9114 has been rated as high severity due to the potential for untrusted pointer dereference leading to exploitation.
How do I fix CVE-2015-9114?
To remediate CVE-2015-9114, update your device to Android security patch level 2018-04-05 or later.
Which products are affected by CVE-2015-9114?
CVE-2015-9114 affects Android versions prior to the April 2018 security patch and various Qualcomm Snapdragon chipsets, including SD 425, SD 430, SD 450, SD 625, SD 650, SD 820, and SD 820A.
What is the impact of CVE-2015-9114?
The impact of CVE-2015-9114 could include arbitrary code execution due to an untrusted pointer dereference.
Is CVE-2015-9114 being actively exploited?
As of the last updates, there have been no public reports of active exploitation specifically associated with CVE-2015-9114.
- agent/references
- agent/type
- agent/first-publish-date
- agent/severity
- agent/author
- agent/weakness
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/android-source
- source/Android
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/google
- canonical/android
- vendor/qualcomm
- canonical/qualcomm sdr425 firmware
- canonical/qualcomm snapdragon 425
- canonical/qualcomm sd 430 firmware
- canonical/qualcomm sdm450 firmware
- canonical/qualcomm sdm450
- canonical/qualcomm sd 625 firmware
- canonical/qualcomm snapdragon 625
- canonical/qualcomm sd650 firmware
- canonical/qualcomm snapdragon 650
- canonical/qualcomm sd652 firmware
- canonical/qualcomm sd820a firmware
- canonical/qualcomm sd820 firmware